Ivanti Exploit Risks?

Well, this is an open question.

Are the machines fully patched? Do they run antivirus? Do you have a firewall in place? That stops a good number of attacks.

But then have you got security hardening applied? Is there potentially a new exploit or unknown vulnerability?

You wouldn’t willingly let an attacker into your network would you? So don’t allow your machines to connect to compromised or potentially compromised networks.

I feel this conversation is irrelevant now as you clearly have no understanding whatsoever of real world security.

Since we are not managing or hosting the Ivanti hardware and merely routing through it to a third network, management wants documentation showing there any danger to us before stopping anyone from using it.

I didn’t see anything about that in the CVE unless I looked at the wrong one or missed it.

Otherwise, they believe it’s the VPN host’s risk to deal with.

Yeah you don’t understand this in the slightest and clearly neither do your management.

And you are just being needlessly antagonistic.