8.8
CVE-2026-9614
- EPSS 1.44%
- Veröffentlicht 01.06.2026 17:50:03
- Zuletzt bearbeitet 02.06.2026 14:01:26
- Quelle 3c1d8aa1-5a33-4ea4-8992-aadd64
- CVE-Watchlists
- Unerledigt
An Improper Access Control vulnerability in Ivanti Neurons for ITSM (cloud and on-premises) allows a remote authenticated attacker to gain administrative access.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerIvanti
≫
Produkt
Neurons for ITSM (On-Premises)
Default Statusaffected
Version
2025.4 Patch 1
Status
unaffected
Version
2025.3 Patch 1
Status
unaffected
Version
2025.2 Patch 1
Status
unaffected
HerstellerIvanti
≫
Produkt
Neurons for ITSM (Cloud)
Default Statusaffected
Version
2026.1 Patch 9
Status
unaffected
Version
2026.2 Patch 1
Status
unaffected
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.44% | 0.697 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 3c1d8aa1-5a33-4ea4-8992-aadd6440af75 | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-284 Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.
https://hub.ivanti.com/s/article/Security-Advisory-Ivanti-Neurons-for-ITSM-CVE-2026-9614