Medium severity6.8NVD Advisory· Published Jul 12, 2025· Updated Apr 15, 2026

CVE-2023-39338

Description

Enables an authenticated user (enrolled device) to access a service protected by Sentry even if they are not authorized according to the sentry policy to access that service. It does not enable the user to authenticate to or use the service, it just provides the tunnel access.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

forums.ivanti.com/s/article/CVE-2023-39338nvd

News mentions

No linked articles in our index yet.

cvss	0.442
epss	0.004
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000