Primary

Context

Ivanti Sentry Authentication Bypass Vulnerability Allowing Creation of Administrative Accounts

Vulnerability

Patched

A vulnerability allowing authentication bypass has been identified in Ivanti Sentry versions prior to R10.5.2, R10.6.2, and R10.7.1. This vulnerability allows remote unauthenticated attackers to create arbitrary administrative accounts, granting them full administrative access.

Impact

Exploitation of this vulnerability allows for the creation of administrative accounts, providing full administrative privileges to the attacker.

Remediation

Users can update to Ivanti Sentry versions 10.5.2, 10.6.2, or 10.7.1. The new versions can be downloaded from the Ivanti Download Portal (login required).

Added: Jun 9, 2026, 4:38 PM

Updated: Jun 9, 2026, 4:38 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

7.4

remediation

0.0

relevance

9.3

threat

0.2

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

7.4

remediation

0.0

relevance

9.3

threat

0.2

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Ivanti Sentry Authentication Bypass Vulnerability Allowing Creation of Administrative Accounts

Vulnerability

Impact

Remediation

Affected Products

Ivanti Sentry

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating