From 032919d5651389302f33e0a4637ea18db7bbebab Mon Sep 17 00:00:00 2001
From: JadonWill <117053393+JadonWill@users.noreply.github.com>
Date: Wed, 4 Sep 2024 11:05:03 +0800
Subject: [PATCH] Update 20240904001

Updated content to match the Template.
---
 ...ti-Critical-Vulnerability-PoC-Published.md | 19 ++++++++-----------
 1 file changed, 8 insertions(+), 11 deletions(-)

diff --git a/docs/advisories/20240904001-Ivanti-Critical-Vulnerability-PoC-Published.md b/docs/advisories/20240904001-Ivanti-Critical-Vulnerability-PoC-Published.md
index dba91550..b9338a81 100644
--- a/docs/advisories/20240904001-Ivanti-Critical-Vulnerability-PoC-Published.md
+++ b/docs/advisories/20240904001-Ivanti-Critical-Vulnerability-PoC-Published.md
@@ -1,26 +1,23 @@
+# Ivanti Critical Vulnerability PoC Published - 20240904001
+
 ## Overview
 
 Ivanti released updates for Ivanti Virtual Traffic Manager (vTM) which addressed a critical vulnerability. Successful exploitation could lead to authentication bypass and creation of an administrator user.
 
 ## What is vulnerable?
 
-| Product Name                   | Affected Version(s) | Resolved Version(s) | Patch Availability                                                |
-| ------------------------------ | ------------------- | ------------------- | ----------------------------------------------------------------- |
-| Ivanti Virtual Traffic Manager | 22.2                | 22.2R1              | [Available](https://portal.ivanti.com/customer/product-downloads) |
-| Ivanti Virtual Traffic Manager | 22.3                | 22.3R3              | [Available](https://portal.ivanti.com/customer/product-downloads) |
-| Ivanti Virtual Traffic Manager | 22.3R2              | 22.3R3              | [Available](https://portal.ivanti.com/customer/product-downloads) |
-| Ivanti Virtual Traffic Manager | 22.5R1              | 22.5R2              | [Available](https://portal.ivanti.com/customer/product-downloads) |
-| Ivanti Virtual Traffic Manager | 22.6R1              | 22.6R2              | [Available](https://portal.ivanti.com/customer/product-downloads) |
-| Ivanti Virtual Traffic Manager | 22.7R1              | 22.7R2              | [Available](https://portal.ivanti.com/customer/product-downloads) |
+| Product(s) Affected | Version(s) | CVE # | CVSS v4/v3 | Severity |
+| --- | --- | --- | --- | --- |
+| Ivanti Virtual Traffic Manager | 22.2 < 22.2R1 <br> 22.3 < 22.3R3 <br>22.3R2 < 22.3R3 <br> 22.5R1 < 22.5R2 <br> 22.6R1 < 22.6R2 <br> 22.7R1 < 22.7R2 | [CVE-2024-7593](https://nvd.nist.gov/vuln/detail/CVE-2024-7593) | 9.8 | Critical |
 
 ## What has been observed?
 
+Ivanti is not aware of any customers being exploited by this vulnerability at the time of disclosure, however a Proof of Concept is publicly available.
 There is no evidence of exploitation affecting Western Australian Government networks at the time of publishing.
 
 ## Recommendation
 
-The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe (refer [Patch Management](../guidelines/patch-management.md)):
+The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of *48 hours...* (refer [Patch Management](../guidelines/patch-management.md)):
 
-## Reference
+- Vendor article: <https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Virtual-Traffic-Manager-vTM-CVE-2024-7593?language=en_US>
 
-- [Security Advisory: Ivanti Virtual Traffic Manager (vTM ) (CVE-2024-7593)](https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Virtual-Traffic-Manager-vTM-CVE-2024-7593?language=en_US)