Ivanti虛擬流量管理系統存在身分驗證繞過漏洞,已有概念性驗證程式碼公開,用戶應儘速處理
支付動態 · 2024-08-14

Ivanti發布資安公告指出,虛擬流量管理系統Virtual Traffic Manager(vTM)部分版本存在零時差漏洞CVE-2024-7593,由於已有公開的概念性驗證程式碼,攻擊者無須自行從頭研究漏洞,很有可能即將被用於實際攻擊,該公司呼籲用戶應儘速採取緩解措施因應

8月12日Ivanti發布資安公告,指出旗下的虛擬流量管理系統Virtual Traffic Manager(vTM)存在重大層級的零時差漏洞CVE-2024-7593,一旦攻擊者成功利用漏洞,就有機會繞過身分驗證並建立新的管理員帳號,CVSS風險評分為9.8。

值得留意的是,雖然該公司表示尚未察覺用戶遭到漏洞攻擊的跡象,但已有公開的概念性驗證(PoC)程式碼,他們呼籲用戶儘速採取緩解措施因應。

不過,並非所有版本的vTM都受到影響,Ivanti指出,今年3月發布的22.2R1、5月發布的22.7R2,皆不受這項漏洞影響,其餘版本預計8月19日這週發布更新,予以修補。

Popular articles
Gaming & Technology Expo Makes a Powerful Entrance in CDMX
Marketing
Online gambling, crypto pose ongoing money laundering risks in Philippines, analyst says
Southeast Asia
GAT Expo Puerto Rico Will Pulse with the New Era of Gaming in the Caribbean
Marketing
Manila delivers: Highlights from SiGMA Asia 2026 
Southeast Asia
PropellerAds Positions Itself as a Go-To Traffic Source for iGaming Advertisers Ahead of a High-Demand Season
Marketing
Brazil Proposes Raising Gambling Tax Rate to 24%, With Revenue Allocated to Social Security and Healthcare
Regulation
GAT Expo CDMX 2026 Kicks Off Today in Mexico with a Sold-Out Opening Reception at Big Bola Casino Santa Fe
Marketing
Are you ready to maximize your earnings? Try ProPush.me Constructor!
Marketing
JILI Partners with Cricket Legend AB de Villiers (ABD) to Launch Exclusive Branded Game Series 100% 11
Sports Game
Institutional Academy that exceeded expectations marked the opening of GAT CDMX
Online Game
Global Game Connect (GGC) 2027 Officially Opens Sponsorship & Exhibition Opportunities in Sri Lanka!
HUIDU Focus
Across 6 Cities: HUIDU Invites You to 8 World Cup Parties Redefining High-Value Social Networking
HUIDU Focus
UK MPs reopen 2025 gambling inquiry as reform stalls
Regulation
Super PAC Raises $48 Million: Sports Betting Forces Ramp Up Political Push
Regulation
New Jersey July Gambling Revenue Hits $606M, Sweeps Casinos Banned
Regulation
Home
Game
Cooperation
Find
My