CVE-2025-5464
Insertion of sensitive information into a log file in Ivanti Connect Secure before version 22.7R2.8 allows a local authenticated attacker to obtain that information.
| Software | From | Fixed in |
|---|---|---|
| ivanti / connect_secure | 22.7-r1.5 | 22.7-r1.5.x |
| ivanti / connect_secure | 22.7-r1.4 | 22.7-r1.4.x |
| ivanti / connect_secure | 22.7-r1.3 | 22.7-r1.3.x |
| ivanti / connect_secure | 22.7-r1.2 | 22.7-r1.2.x |
| ivanti / connect_secure | 22.7-r2.2 | 22.7-r2.2.x |
| ivanti / connect_secure | 22.7-r2.1 | 22.7-r2.1.x |
| ivanti / connect_secure | 22.7 | 22.7.x |
| ivanti / connect_secure | - | 22.7 |
| ivanti / connect_secure | 22.7-r1 | 22.7-r1.x |
| ivanti / connect_secure | 22.7-r1.1 | 22.7-r1.1.x |
| ivanti / connect_secure | 22.7-r2 | 22.7-r2.x |
| ivanti / connect_secure | 22.7-r2.3 | 22.7-r2.3.x |
| ivanti / connect_secure | 22.7-r2.4 | 22.7-r2.4.x |
| ivanti / connect_secure | 22.7-r2.5 | 22.7-r2.5.x |
| ivanti / connect_secure | 22.7-r2.6 | 22.7-r2.6.x |
| ivanti / connect_secure | 22.7-r2.7 | 22.7-r2.7.x |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime