CVE-2023-39339

NONE EPSS 56.6%
Published Jul 12, 202511mo ago · Modified Jun 17, 20261w ago
Find Similar
Published Jul 12, 2025 11mo ago
Last Modified Jun 17, 2026 1w ago

Description

A vulnerability exists on all versions of Ivanti Policy Secure below 22.6R1 where an authenticated administrator can perform an arbitrary file read via a maliciously crafted web request.

Threat Intelligence

EPSS Exploit Probability
56.6% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-22 Path Traversal Resource Mgmt

Affected Products 2

VendorProductVersionRange
ivantipolicy_secure* <22.6
ivantipolicy_secure22.6any

References 1

  • forums.ivanti.com https://forums.ivanti.com/s/article/Security-patch-release-Ivanti-Policy-Secure-22-6R1
    Vendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.