Sentry

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:ivanti:sentry:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorIvanti (40b984ad-e54c-5e1b-9aa1-2a4cd4d61129)
ProductSentry (7c06157b-8ac2-5040-89e5-3c39c9b7aea3)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2024-8540 not_vulnerable 2026-06-03 14:58:18.694996 Details available
HIGH (8.8)
Insecure permissions in Ivanti Sentry before versions 9.20.2 and 10.0.2 or 10.1.0 allow a local authenticated attacker to modify sensitive application components.
Published: 2024-12-10T18:52:17.010Z
Updated: 2024-12-14T04:55:18.267Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-41724 vulnerable 2026-06-03 14:52:52.227312 Details available
CRITICAL (9.6)
A command injection vulnerability in Ivanti Sentry prior to 9.19.0 allows unauthenticated threat actor to execute arbitrary commands on the underlying operating system of the appliance within the same physical or logical network.
Published: 2024-03-31T01:45:42.684Z
Updated: 2025-03-25T14:36:27.737Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-39338 vulnerable 2026-06-03 14:52:38.708868 Details available
MEDIUM (6.8)
Enables an authenticated user (enrolled device) to access a service protected by Sentry even if they are not authorized according to the sentry policy to access that service. It does not enable the user to authenticate to or use the service, it just provides the tunnel access.
Published: 2025-07-12T03:30:40.285Z
Updated: 2026-02-26T17:50:42.704Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.