CVE Daily

CVE-2025-5466

XEE in Ivanti Connect Secure before 22.7R2.8 or 22.8R2, Ivanti Policy Secure bef...

Medium CVSS 4.9

Overview

XEE in Ivanti Connect Secure before 22.7R2.8 or 22.8R2, Ivanti Policy Secure before 22.7R1.5, Ivanti ZTA Gateway before 22.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 (Fix deployed on 02-Aug-2025) allows a remote authenticated attacker with admin privileges to trigger a denial of service

CWE: CWE-776 Published: 2025-08-12T15:15:31.117
Risk analysis

This vulnerability is rated 🟡 MEDIUM.

  • CVSS: 4.9 (MEDIUM)
  • Detected tags: dos (tag impact: LOW)

Recommended actions:

  • Rate limiting, resource quotas and circuit breakers.

Recommended tools

Tags