5.5
CVE-2025-5463
- EPSS 0.12%
- Veröffentlicht 08.07.2025 15:15:32
- Zuletzt bearbeitet 15.07.2025 13:04:57
- Quelle 3c1d8aa1-5a33-4ea4-8992-aadd64
- CVE-Watchlists
- Unerledigt
Insertion of sensitive information into a log file in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a local authenticated attacker to obtain that information.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ivanti ≫ Connect Secure Version < 22.7
Ivanti ≫ Connect Secure Version22.7 Update-
Ivanti ≫ Connect Secure Version22.7 Updater1
Ivanti ≫ Connect Secure Version22.7 Updater1.1
Ivanti ≫ Connect Secure Version22.7 Updater1.2
Ivanti ≫ Connect Secure Version22.7 Updater1.3
Ivanti ≫ Connect Secure Version22.7 Updater1.4
Ivanti ≫ Connect Secure Version22.7 Updater1.5
Ivanti ≫ Connect Secure Version22.7 Updater2
Ivanti ≫ Connect Secure Version22.7 Updater2.1
Ivanti ≫ Connect Secure Version22.7 Updater2.2
Ivanti ≫ Connect Secure Version22.7 Updater2.3
Ivanti ≫ Connect Secure Version22.7 Updater2.4
Ivanti ≫ Connect Secure Version22.7 Updater2.5
Ivanti ≫ Connect Secure Version22.7 Updater2.6
Ivanti ≫ Connect Secure Version22.7 Updater2.7
Ivanti ≫ Policy Secure Version < 22.7
Ivanti ≫ Policy Secure Version22.7 Update-
Ivanti ≫ Policy Secure Version22.7 Updater1
Ivanti ≫ Policy Secure Version22.7 Updater1.1
Ivanti ≫ Policy Secure Version22.7 Updater1.2
Ivanti ≫ Policy Secure Version22.7 Updater1.3
Ivanti ≫ Policy Secure Version22.7 Updater1.4
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.12% | 0.303 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 3c1d8aa1-5a33-4ea4-8992-aadd6440af75 | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
|
CWE-532 Insertion of Sensitive Information into Log File
The product writes sensitive information to a log file.