Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
Ivanti Sentry Authentication Bypass (CVE-2023-38035) - Vulnerability Database

Ivanti Sentry Authentication Bypass (CVE-2023-38035)

Description

Ivanti Sentry is vulnerable to an authentication bypass vulnerability. An attacker could exploit this vulnerability to get full access to the system.

Remediation

Upgrade to the latest version of Ivanti Sentry

References

KB API Authentication Bypass on Sentry Administrator Interface - CVE-2023-38035
Ivanti Sentry Authentication Bypass CVE-2023-38035 Deep Dive

Related Vulnerabilities

Cacti Unauthenticated Command Injection (CVE-2022-46169) Critical
Common tags: Code Execution Authentication Bypass Known Vulnerabilities
Ivanti EPM SQLi RCE (CVE-2024-29824) High
Common tags: Code Execution Known Vulnerabilities Acumonitor
IBM ODM JNDI injection (CVE-2024-22319) Critical
Common tags: Code Execution Known Vulnerabilities Acumonitor
Ruby on Rails DoubleTap RCE (CVE-2019-5420) High
Common tags: Code Execution Known Vulnerabilities Acumonitor
SharePoint "ToolShell" RCE (CVE-2025-49704/CVE-2025-49706/CVE-2025-53770/CVE-2025-53771) Critical
Common tags: Code Execution Authentication Bypass Known Vulnerabilities

Severity

Critical

Classification

CVE-2023-38035
CWE-863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Tags

Code Execution
Authentication Bypass
Known Vulnerabilities
Acumonitor