Statement on CVE 2023-46805 Ivanti Authentication Bypass Vulnerability

January 29, 2024

Information

An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks.

Risk

Not Applicable

Response

Melissa Data Corporation (“Melissa”) was not impacted by the Ivanti vulnerability as we do not utilize Ivanti for any Melissa commercial web services or products.

Melissa will continue to follow all guidance provided for this vulnerability as necessary to prevent any future risks.