An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthenticated attacker to leak specific stored credentia...
Description
An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthenticated attacker to leak specific stored credential data
Remediation
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
CISA KEV Details
Deadline: March 22, 2026
Required Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
---METADATA---
VENDOR: Kubernetes
PRODUCT: ingress-nginx
AFFECTED_VERSIONS: See vendor advisory for affected versions
---END_METADATA---
Description Summary:
A security issue has been discovered in ingress-nginx involving the 'nginx' configuration handling. This vulnerability could lead to unauthorized access or configuration bypass.
Executive Summary:
The ingress-nginx controller contains a high-severity security flaw that may allow attackers to bypass intended ingress rules and gain unauthorized access to backend services.
Vulnerability Details
CVE-ID: CVE-2026-1580
Affected Software: ingress-nginx
Affected Versions: See vendor advisory for affected versions
Vulnerability: This vulnerability pertains to how ingress-nginx processes specific configuration directives. An attacker could potentially craft requests that exploit these configuration weaknesses to bypass security controls or access internal resources they are not authorized to reach.
Business Impact
A compromise of the ingress controller can expose all backend microservices to unauthorized traffic. This could lead to data breaches, service disruption, and a total breakdown of the Kubernetes cluster's perimeter security. The CVSS score of 8.8 reflects the high potential for widespread impact.
Remediation Plan
Immediate Action: Upgrade the ingress-nginx controller to the latest patched version recommended by the Kubernetes maintainers.
Proactive Monitoring: Review Nginx access and error logs for unusual request patterns that might indicate an attempt to bypass ingress rules.
Compensating Controls: Implement Network Policies within the Kubernetes cluster to provide defense-in-depth, ensuring that even if the ingress is bypassed, backend services are restricted.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of February 5, 2026, there is no public information indicating active exploitation. Ingress controllers are critical infrastructure components, and vulnerabilities in them are high-priority targets for sophisticated attackers.
Analyst Recommendation
Maintaining the security of the ingress layer is vital for the overall health of a Kubernetes environment. Organizations must apply the necessary updates to ingress-nginx immediately to ensure the integrity of their service boundaries.