CVE-2023-46805 Scanner
CVE-2023-46805 Scanner - Authorization Bypass vulnerability in Ivanti Connect Secure
Short Info
Level
High
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 seconds
Time Interval
3 weeks 12 hours
Scan only one
Domain, IPv4
Toolbox
-
The Ivanti Connect Secure is widely utilized across various organizations for providing secure remote access solutions. It is favored by IT departments for enabling mobile employees to securely access corporate resources from anywhere in the world. Businesses rely on Ivanti Connect Secure to ensure data security and integrity while accessing corporate files, emails, and applications. This software is particularly popular in industries that require strong compliance with data protection regulations, such as finance and healthcare. With its robust features and reliability, Ivanti Connect Secure supports organizations in delivering secure communication across diverse networks. It acts as a critical tool in enterprises to manage remote worker connectivity without compromising on security.
The vulnerability being discussed is an authorization bypass, which can have severe implications for affected systems. This flaw permits unauthorized users to bypass security checks that are in place to restrict access to sensitive system functions. By exploiting this vulnerability, attackers could gain access to protected resources without any authentication. In the Ivanti Connect Secure context, unauthorized individuals could leverage this to manipulate system configurations or extract sensitive information. The severity of such a vulnerability is high as it undermines the fundamental security measures deployed in the product. As a result, it poses a significant risk to organizational data and operations.
The authorization bypass vulnerability in Ivanti Connect Secure is identified in the web component of the software, specifically through the misconfiguration of security controls. Attackers exploit this by sending crafted requests that manipulate URL paths to access restricted resources. In the given template, endpoints like `/api/v1/totp/user-backup-code/../../system/system-information` depict how directory traversal patterns are used to circumvent authentication layers. The misuse of configuration directives in handling URL paths allows unauthorized users to access internal endpoints that should be protected. Such vulnerabilities highlight potential weaknesses in coding practices or system configurations that require immediate attention.
When exploited, this authorization bypass vulnerability could lead to unauthorized access to critical information and control over system operations. Attackers could manipulate system settings, potentially causing service disruptions or data breaches. Exploiting this vulnerability could also allow the attacker to gather sensitive information, such as user credentials or configuration details, leading to further exploitation or attacks on interconnected systems. The compromise of system integrity and confidentiality can have a cascading effect, potentially impacting business continuity and reputation. Consequently, the implications of such a vulnerability necessitate urgent remediation efforts.
REFERENCES
- https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US
- https://nvd.nist.gov/vuln/detail/CVE-2023-46805
- http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html
- https://github.com/H4lo/awesome-IoT-security-article
- https://github.com/inguardians/ivanti-VPN-issues-2024-research