BDU:2024-09903

CVE-2024-7570

Improper certificate validation in Ivanti ITSM on-prem and Neurons for ITSM Versions 2023.4 and earlier allows a remote attacker in a MITM position to craft a token that would allow access to ITSM as any user.

GHSA-8cgw-qh4h-cf58

Improper certificate validation in Ivanti ITSM on-prem and Neurons for ITSM Versions 2023.4 and earlier allows a remote attacker in a MITM position to craft a token that would allow access to ITSM as any user.

BDU:2024-09902

Уязвимость реализации протокола OpenID Connect (OIDC) средства управления IT-сервисами Ivanti Neurons for ITSM, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации