Ivanti Product Security Update Advisory (CVE-2023-38041)

Feb 27 2024

Overview

An update has been made available to fix vulnerabilities in ivanti. Users of affected versions are advised to update to the latest version.

Affected Products

All versions of Ivanti Secure Access Client prior to 22.6R1

Resolved Vulnerabilities

Privilege escalation vulnerability for unprivileged local users in Ivanti Secure Access Client (CVE-2023-38041)

Vulnerability Patches

A vulnerability patch was made available in the October 19, 2023 update. Please refer to the reference site to update to the latest vulnerability patch version.

Ivanti Secure Access Client version 22.6R1

Referenced Sites

[1] CVE-2023-38041 Detail
https://nvd.nist.gov/vuln/detail/CVE-2023-38041
[2] CVE-2023-38041 New client side release to address a privilege escalation on Windows user machines
https://forums.ivanti.com/s/article/CVE-2023-38041-New-client-side-release-to-address-a-privilege-escalation-on-Windows-user-machines?language=en_US-

Ivanti Product Security Update Advisory (CVE-2023-38041)

Overview

Affected Products

Resolved Vulnerabilities

Vulnerability Patches

Referenced Sites

Security update advisories for IBM products (IBM Cognos Analytics, IBM Aspera Console, etc.)

Security Update Advisory for python-jwt Package (CVE-2022-39227)

Overview

Affected Products

Resolved Vulnerabilities

Vulnerability Patches

Referenced Sites

Tags:

Security update advisories for IBM products (IBM Cognos Analytics, IBM Aspera Console, etc.)

Security Update Advisory for python-jwt Package (CVE-2022-39227)