Description

A vulnerability exists on all versions of Ivanti Policy Secure below 22.6R1 where an authenticated administrator can perform an arbitrary file read via a maliciously crafted web request.

INFO

Published Date :

2025-07-12T03:31:11.142Z

Last Modified :

2025-07-14T16:08:15.813Z

Source :

hackerone
AFFECTED PRODUCTS

The following products are affected by CVE-2023-39339 vulnerability.

Vendors Products
Ivanti
  • Policy Secure
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2023-39339.

URL Resource
https://forums.ivanti.com/s/article/Security-patch-release-Ivanti-Policy-Secure-22-6R1 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact