Primary

Context

Ivanti Connect Secure and Ivanti Policy Secure Cleartext Data Storage Vulnerability

Vulnerability

A vulnerability exists in Ivanti Connect Secure versions prior to 22.7R2.6 and Ivanti Policy Secure versions prior to 22.7R1.3, allowing local authenticated attackers with admin privileges to access sensitive data. The issue arises from cleartext storage of information, which could be exploited to read confidential data.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive data, potentially allowing for further attacks or privilege escalation.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

3.4

impact

2.5

exploitability

3.5

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

3.4

impact

2.5

exploitability

3.5

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Ivanti Connect Secure and Ivanti Policy Secure Cleartext Data Storage Vulnerability

Vulnerability

Impact

Affected Products

Ivanti Connect Secure

Ivanti Policy Secure

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating