Ivanti warns customers another zero-day is under active attack

U.S. software giant Ivanti has scrambled to patch another zero-day vulnerability under active attack.
The vulnerability, tracked as CVE-2023-38035 with a vulnerability severity rating of 9.8 out of 10, affects the software company’s Sentry product. Ivanti Sentry (formerly MobileIron Sentry) is a mobile gateway designed to manage, encrypt, and secure network traffic between employee devices and a company’s back-end systems.
The new vulnerability — known as a zero-day since the company had no time to fix the bug before it was exploited — allows unauthenticated attackers to access sensitive

リンク元