Incorrect implementation of an authentication algorithm in Ivanti vTM other than versions 22.2R1 or 22.7R2 allows a remote unauthenticated attacker to bypass authentication of the admin panel.
Published: 2024-08-14
Ivanti released a patch for a critical severity authentication bypass vulnerability and a warning that exploit code is publicly available