Insertion of sensitive information into a log file in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a local authenticated attacker to obtain that information.
Metrics
Affected Vendors & Products
References
History
Tue, 08 Jul 2025 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Tue, 08 Jul 2025 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Insertion of sensitive information into a log file in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a local authenticated attacker to obtain that information. | |
Weaknesses | CWE-532 | |
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: ivanti
Published: 2025-07-08T15:02:38.657Z
Updated: 2025-07-08T20:39:29.302Z
Reserved: 2025-06-02T10:54:07.286Z
Link: CVE-2025-5463

Updated: 2025-07-08T20:39:26.293Z

Status : Awaiting Analysis
Published: 2025-07-08T15:15:32.010
Modified: 2025-07-08T16:18:14.207
Link: CVE-2025-5463

No data.