Filtered by vendor Ivanti Subscriptions
Filtered by product Sentry Subscriptions
Total 3 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-8540 1 Ivanti 2 Sentry, Standalone Sentry 2025-07-30 8.8 High
Insecure permissions in Ivanti Sentry before versions 9.20.2 and 10.0.2 or 10.1.0 allow a local authenticated attacker to modify sensitive application components.
CVE-2023-39338 1 Ivanti 1 Sentry 2025-07-15 N/A
Enables an authenticated user (enrolled device) to access a service protected by Sentry even if they are not authorized according to the sentry policy to access that service. It does not enable the user to authenticate to or use the service, it just provides the tunnel access.
CVE-2023-41724 1 Ivanti 2 Sentry, Standalone Sentry 2025-03-25 8.8 High
A command injection vulnerability in Ivanti Sentry prior to 9.19.0 allows unauthenticated threat actor to execute arbitrary commands on the underlying operating system of the appliance within the same physical or logical network.