[Security Vulnerability Alert] Ivanti's Xtraction has a high-risk cybersecurity vulnerability (CVE-2026-8043).

 
2026/5/15 ~ 2026/11/15
View Count:51

Forwarded from Taiwan Computer Network Crisis Management and Coordination Center: Cybersecurity Alert TWCERTCC-200-202605-00000007

[Content Description]
Ivanti's Xtraction is an IT reporting and data visualization platform that integrates data from different IT systems onto a single dashboard for easy real-time viewing and analysis. Recently, Ivanti released a critical cybersecurity vulnerability announcement (CVE-2026-8043, CVSS: 9.6). This vulnerability allows an authenticated attacker to read sensitive files and write arbitrary HTML files to a website directory.

[Affected Platforms]
Ivanti Xtraction 2026.1 and earlier versions

[Recommended Action]
Please update to Ivanti Xtraction 2026.2 or later.

Files
None
【Back】
Top↑