As if two Ivanti vulnerabilities under explot wasn't bad enough, now there are 3

As if two Ivanti vulnerabilities under explot wasn't bad enough, now there are 3

Briefly

The new vulnerability, tracked as CVE-2024-21893, is what's known as a server-side request forgery.

Ars Technicahttps://arstechnica.com/security/2024/02/as-if-two-ivanti-vulnerabilities-under-explot-wasnt-bad-enough-now-there-are-3/

At the time this Ars post went live, the exploitation volume of the vulnerability exceeded that of CVE-2023-46805 and CVE-2024-21887, the previous Ivanti vulnerabilities under active targeting.

Ars Technicahttps://arstechnica.com/security/2024/02/as-if-two-ivanti-vulnerabilities-under-explot-wasnt-bad-enough-now-there-are-3/