Ivanti recently published an urgent warning about an authentication bypass in Ivanti Connect Secure, Ivanti Policy Secure, and ZTA gateways, tracked as CVE-2024-22024. The bug, which carries a severity score of 8.3, was discovered during an internal review.
Since its announcement on February 8, Imperva Threat Research has observed attackers attempting to exploit this vulnerability via automated tools over 30,000 times on thousands of sites, predominantly those in Financial Services.
Imperva customers are protected against CVE-2024-22024. Cloud WAF and On-Prem customers with SecureSphere Emergency Feed enabled are protected out of the box. On-Prem customers without Emergency Feed will need to manually add the signature published via our Customer Portal. Even with protection, we urge our customers to remain vigilant and update their systems with the latest security patches.
Try Imperva for Free
Protect your business for 30 days on Imperva.