Skip to main content
Radar
DashboardThreatsMapFeedsAPI
reconnecting

CVE-2025-5463: CWE-532 Insertion of Sensitive Information into Log File in Ivanti Connect Secure

Medium
VulnerabilityCVE-2025-5463cvecve-2025-5463cwe-532
Published: Tue Jul 08 2025 (07/08/2025, 15:02:38 UTC)
Source: CVE Database V5
Vendor/Project: Ivanti
Product: Connect Secure

Description

Insertion of sensitive information into a log file in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a local authenticated attacker to obtain that information.

Technical Details

Data Version
5.1
Assigner Short Name
ivanti
Date Reserved
2025-06-02T10:54:07.286Z
Cvss Version
3.1
State
PUBLISHED

Threat ID: 686d34a96f40f0eb72f7c5a8

Added to database: 7/8/2025, 3:09:29 PM

Last updated: 7/8/2025, 3:09:29 PM

Views: 1

Related Threats

CVE-2025-7037: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in Ivanti Endpoint Manager

High
VulnerabilityTue Jul 08 2025

CVE-2025-53372: CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') in alfonsograziano node-code-sandbox-mcp

High
VulnerabilityTue Jul 08 2025

CVE-2025-3630: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in IBM Sterling B2B Integrator

Medium
VulnerabilityTue Jul 08 2025

CVE-2025-7183: SQL Injection in Campcodes Sales and Inventory System

Medium
VulnerabilityTue Jul 08 2025

CVE-2025-6770: CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in Ivanti Endpoint Manager Mobile

High
VulnerabilityTue Jul 08 2025

Actions

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats