exploitDog

CVE-2025-8310

Опубликовано: 12 авг. 2025

Источник: nvd

CVSS3: 6.5

CVSS3: 8.8

EPSS Низкий

Описание

Missing authorization in the admin console of Ivanti Virtual Application Delivery Controller before version 22.9 allows a remote authenticated attacker to take over admin accounts by resetting the password

Ссылки

https://forums.ivanti.com/s/article/August-Security-Advisory-Ivanti-Virtual-Application-Delivery-Controller-vADC-previously-vTM-CVE-2025-8310?language=en_US
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ivanti:virtual_application_delivery_controller:*:*:*:*:*:*:*:*

Версия до 22.9 (исключая)

EPSS

Процентиль: 48%

0.00248

Низкий

6.5 Medium

CVSS3

8.8 High

CVSS3

Дефекты

CWE-862

Связанные уязвимости

GHSA-9582-7xgq-xhq8

CVSS3: 6.5

github

6 месяцев назад

Missing authorization in the admin console of Ivanti Virtual Application Delivery Controller before version 22.9 allows a remote authenticated attacker to take over admin accounts by resetting the password

EPSS

Процентиль: 48%

0.00248

Низкий

6.5 Medium

CVSS3

8.8 High

CVSS3

Дефекты

CWE-862