Vulnerability-Lookup - Search a vulnerability

https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:56:27.410Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Pulse Connect Secure",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Fixed in 9.1R8"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An information disclosure vulnerability in meeting of Pulse Connect Secure \u003c9.1R8 allowed an authenticated end-users to find meeting details, if they know the Meeting ID."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-200",
              "description": "Information Disclosure (CWE-200)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-30T12:53:02",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "support@hackerone.com",
          "ID": "CVE-2020-8216",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Pulse Connect Secure",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Fixed in 9.1R8"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An information disclosure vulnerability in meeting of Pulse Connect Secure \u003c9.1R8 allowed an authenticated end-users to find meeting details, if they know the Meeting ID."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Information Disclosure (CWE-200)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516",
              "refsource": "MISC",
              "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2020-8216",
    "datePublished": "2020-07-30T12:53:02",
    "dateReserved": "2020-01-28T00:00:00",
    "dateUpdated": "2024-08-04T09:56:27.410Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-12058 (GCVE-0-2024-12058)

Vulnerability from cvelistv5

Published

2025-02-11 15:21

Modified

2025-02-11 15:35

Severity ?

6.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

CWE

CWE-73 - External Control of File Name or Path

Summary

External control of a file name in Ivanti Connect Secure before version 22.7R2.6 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticated attacker with admin privileges to read arbitrary files.

References

►

URL

Tags

Impacted products

Vendor

Product

Version

►

Patch: 22.7R2.6

Patch: 22.7R1.3

Show details on NVD website

https://forums.ivanti.com/s/article/April-Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-22457

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-12058",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-11T15:32:02.167372Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-11T15:35:20.850Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "Connect Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "status": "unaffected",
              "version": "22.7R2.6",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Policy Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "status": "unaffected",
              "version": "22.7R1.3",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eExternal control of a file name in Ivanti Connect Secure before version 22.7R2.6 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticated attacker with admin privileges to read arbitrary files.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e"
            }
          ],
          "value": "External control of a file name in Ivanti Connect Secure before version 22.7R2.6 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticated attacker with admin privileges to read arbitrary files."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-137",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-137 Parameter Injection"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-73",
              "description": "CWE-73: External Control of File Name or Path",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-11T15:21:18.279Z",
        "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "shortName": "ivanti"
      },
      "references": [
        {
          "url": "https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
    "assignerShortName": "ivanti",
    "cveId": "CVE-2024-12058",
    "datePublished": "2025-02-11T15:21:18.279Z",
    "dateReserved": "2024-12-02T20:28:49.218Z",
    "dateUpdated": "2025-02-11T15:35:20.850Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-22457 (GCVE-0-2025-22457)

Vulnerability from cvelistv5

Published

2025-04-03 15:20

Modified

2025-07-30 01:36

Severity ?

9.0 (Critical) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

CWE

CWE-121 - Stack-based Buffer Overflow

Summary

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6, Ivanti Policy Secure before version 22.7R1.4, and Ivanti ZTA Gateways before version 22.8R2.2 allows a remote unauthenticated attacker to achieve remote code execution.

References

►

URL

Tags

Impacted products

Vendor

Product

Version

►

Patch: 22.7R2.6

	Ivanti	Policy Secure	Patch: 22.7R1.4
	Ivanti	Neurons for ZTA gateways	Patch: 22.8R2.2

Show details on NVD website

https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-0282-CVE-2025-0283

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-22457",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-24T03:55:18.340082Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2025-04-04",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-22457"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-30T01:36:15.776Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2025-04-04T00:00:00+00:00",
            "value": "CVE-2025-22457 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "Connect Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "status": "unaffected",
              "version": "22.7R2.6",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Policy Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "status": "unaffected",
              "version": "22.7R1.4",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Neurons for ZTA gateways",
          "vendor": "Ivanti",
          "versions": [
            {
              "status": "unaffected",
              "version": "22.8R2.2",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6, Ivanti Policy Secure before version 22.7R1.4, and Ivanti ZTA Gateways before version 22.8R2.2 allows a remote unauthenticated attacker to achieve remote code execution.\u003c/span\u003e"
            }
          ],
          "value": "A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6, Ivanti Policy Secure before version 22.7R1.4, and Ivanti ZTA Gateways before version 22.8R2.2 allows a remote unauthenticated attacker to achieve remote code execution."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "CWE-121 Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-04-03T15:20:23.628Z",
        "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "shortName": "ivanti"
      },
      "references": [
        {
          "url": "https://forums.ivanti.com/s/article/April-Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-22457"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
    "assignerShortName": "ivanti",
    "cveId": "CVE-2025-22457",
    "datePublished": "2025-04-03T15:20:23.628Z",
    "dateReserved": "2025-01-07T02:19:22.796Z",
    "dateUpdated": "2025-07-30T01:36:15.776Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-0283 (GCVE-0-2025-0283)

Vulnerability from cvelistv5

Published

2025-01-08 22:15

Modified

2025-01-09 17:41

Severity ?

7.0 (High) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-121 - Stack-based Buffer Overflow

Summary

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a local authenticated attacker to escalate their privileges.

References

►

URL

Tags

Impacted products

Vendor

Product

Version

►

Patch: 22.7R2.5

	Ivanti	Policy Secure	Version: 22.7R1.2 <
	Ivanti	Neurons for ZTA gateways	Patch: 22.7R2.5

Show details on NVD website

https://forums.ivanti.com/s/article/July-Security-Advisory-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Multiple-CVEs

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-0283",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-09T15:56:25.438413Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-09T17:41:24.544Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "Connect Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "status": "unaffected",
              "version": "22.7R2.5",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Policy Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "status": "affected",
              "version": "22.7R1.2",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Neurons for ZTA gateways",
          "vendor": "Ivanti",
          "versions": [
            {
              "status": "unaffected",
              "version": "22.7R2.5",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a local authenticated attacker to escalate their privileges.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e"
            }
          ],
          "value": "A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a local authenticated attacker to escalate their privileges."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "CWE-121: Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-08T22:15:59.822Z",
        "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "shortName": "ivanti"
      },
      "references": [
        {
          "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-0282-CVE-2025-0283"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
    "assignerShortName": "ivanti",
    "cveId": "CVE-2025-0283",
    "datePublished": "2025-01-08T22:15:59.822Z",
    "dateReserved": "2025-01-06T16:53:11.756Z",
    "dateUpdated": "2025-01-09T17:41:24.544Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-0293 (GCVE-0-2025-0293)

Vulnerability from cvelistv5

Published

2025-07-08 15:33

Modified

2025-07-08 16:02

Severity ?

6.6 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L

CWE

CWE-93 - Improper Neutralization of CRLF Sequences ('CRLF Injection')

Summary

CLRF injection in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a remote authenticated attacker with admin rights to write to a protected configuration file on disk.

References

►

URL

Tags

Impacted products

Vendor

Product

Version

►

Patch: 22.7R2.8

Patch: 22.7R1.5

Show details on NVD website

https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-0293",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-08T16:02:39.689364Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-08T16:02:46.037Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "Connect Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "status": "unaffected",
              "version": "22.7R2.8",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Policy Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "status": "unaffected",
              "version": "22.7R1.5",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCLRF injection in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a remote authenticated attacker with admin rights to write to a protected configuration file on disk.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e"
            }
          ],
          "value": "CLRF injection in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a remote authenticated attacker with admin rights to write to a protected configuration file on disk."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-75",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-75 Manipulating Writeable Configuration Files"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-93",
              "description": "CWE-93: Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-08T15:33:05.165Z",
        "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "shortName": "ivanti"
      },
      "references": [
        {
          "url": "https://forums.ivanti.com/s/article/July-Security-Advisory-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Multiple-CVEs"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
    "assignerShortName": "ivanti",
    "cveId": "CVE-2025-0293",
    "datePublished": "2025-07-08T15:33:05.165Z",
    "dateReserved": "2025-01-07T02:28:05.650Z",
    "dateUpdated": "2025-07-08T16:02:46.037Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-39709 (GCVE-0-2024-39709)

Vulnerability from cvelistv5

Published

2024-11-13 01:54

Modified

2024-11-23 21:06

Severity ?

7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

Incorrect file permissions in Ivanti Connect Secure before version 22.6R2 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1 (Not Applicable to 9.1Rx) allow a local authenticated attacker to escalate their privileges.

References

►

URL

Tags

Impacted products

Vendor

Product

Version

►

Version: 22.6R2 < 22.6R2

Version: 22.7R1 < 22.7R1

Show details on NVD website

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA45520/?kA23Z000000GH5OSAW

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:ivanti:connect_secure:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "connect_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "lessThan": "22.6R2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "policy_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "lessThan": "22.6R1",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-39709",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T18:12:49.534551Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-732",
                "description": "CWE-732 Incorrect Permission Assignment for Critical Resource",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T18:15:21.838Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Connect Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "lessThan": "22.6R2",
              "status": "affected",
              "version": "22.6R2",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Policy Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "lessThan": "22.7R1",
              "status": "affected",
              "version": "22.7R1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Incorrect file permissions in Ivanti Connect Secure before version 22.6R2 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1 (Not Applicable to 9.1Rx) allow a local authenticated attacker to escalate their privileges."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-23T21:06:04.916Z",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2024-39709",
    "datePublished": "2024-11-13T01:54:45.448Z",
    "dateReserved": "2024-06-28T01:04:08.820Z",
    "dateUpdated": "2024-11-23T21:06:04.916Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-35254 (GCVE-0-2022-35254)

Vulnerability from cvelistv5

Published

2022-12-05 00:00

Modified

2025-04-24 14:43

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-416 - Use After Free ()

Summary

An unauthenticated attacker can cause a denial-of-service to the following products: Ivanti Connect Secure (ICS) in versions prior to 9.1R14.3, 9.1R15.2, 9.1R16.2, and 22.2R4, Ivanti Policy Secure (IPS) in versions prior to 9.1R17 and 22.3R1, and Ivanti Neurons for Zero-Trust Access in versions prior to 22.3R1.

References

►

URL

Tags

Impacted products

	Vendor	Product	Version
	n/a	Ivanti Connect Secure (ICS), Ivanti Policy Secure (IPS), and Ivanti Neurons for Zero Trust Access Gateway	Version: ICS Prior to 9.1R14.3,9.1R15.2,9.1R16.2 and 22.2R4 and 22.2R1, IPS Prior to 9.1R17 and 22.3R1, Ivanti Neurons for Zero Trust Access Gateway Prior to 22.3R1

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T09:29:17.468Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA45520/?kA23Z000000GH5OSAW"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2022-35254",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-24T14:43:09.538947Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-24T14:43:33.701Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Ivanti Connect Secure (ICS), Ivanti Policy Secure (IPS), and Ivanti Neurons for Zero Trust Access Gateway",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "ICS Prior to 9.1R14.3,9.1R15.2,9.1R16.2 and 22.2R4 and 22.2R1, IPS Prior to 9.1R17 and 22.3R1, Ivanti Neurons for Zero Trust Access Gateway Prior to 22.3R1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An unauthenticated attacker can cause a denial-of-service to the following products: Ivanti Connect Secure (ICS) in versions prior to 9.1R14.3, 9.1R15.2, 9.1R16.2, and 22.2R4, Ivanti Policy Secure (IPS) in versions prior to 9.1R17 and 22.3R1, and Ivanti Neurons for Zero-Trust Access in versions prior to 22.3R1."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "Use After Free (CWE-416)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-12-05T00:00:00.000Z",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA45520/?kA23Z000000GH5OSAW"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2022-35254",
    "datePublished": "2022-12-05T00:00:00.000Z",
    "dateReserved": "2022-07-06T00:00:00.000Z",
    "dateUpdated": "2025-04-24T14:43:33.701Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-46805 (GCVE-0-2023-46805)

Vulnerability from cvelistv5

Published

2024-01-12 17:02

Modified

2025-07-30 01:37

Severity ?

8.2 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

Summary

An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks.

References

►

URL

Tags

	https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US
	http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html

Impacted products

Vendor

Product

Version

►

Version: 9.1R18 ≤ 9.1R18
Version: 22.6R2 ≤ 22.6R2

Version: 9.1R18 ≤ 9.1R18
Version: 22.6R1 ≤ 22.6R1

Show details on NVD website

https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T20:53:21.908Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-46805",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-04T18:56:43.532172Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2024-01-10",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-46805"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-30T01:37:09.405Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2024-01-10T00:00:00+00:00",
            "value": "CVE-2023-46805 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "ICS",
          "vendor": "Ivanti",
          "versions": [
            {
              "lessThanOrEqual": "9.1R18",
              "status": "affected",
              "version": "9.1R18",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "22.6R2",
              "status": "affected",
              "version": "22.6R2",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "IPS",
          "vendor": "Ivanti",
          "versions": [
            {
              "lessThanOrEqual": "9.1R18",
              "status": "affected",
              "version": "9.1R18",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "22.6R1",
              "status": "affected",
              "version": "22.6R1",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
            "version": "3.0"
          }
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-22T17:06:19.758Z",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "url": "https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US"
        },
        {
          "url": "http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2023-46805",
    "datePublished": "2024-01-12T17:02:16.452Z",
    "dateReserved": "2023-10-27T01:00:13.399Z",
    "dateUpdated": "2025-07-30T01:37:09.405Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-11004 (GCVE-0-2024-11004)

Vulnerability from cvelistv5

Published

2024-11-12 16:09

Modified

2025-04-04 14:34

Severity ?

6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWE

CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')

Summary

Reflected XSS in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure before version 22.7R1.1 allows a remote unauthenticated attacker to obtain admin privileges. User interaction is required.

References

►

URL

Tags

Impacted products

Vendor

Product

Version

►

Patch: 22.7R2.1

Patch: 22.7R1.1

Show details on NVD website

https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:ivanti:connect_secure:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "connect_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "status": "affected",
                "version": "22.7R2.1"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "policy_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "status": "affected",
                "version": "22.7R1.1"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-11004",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-04T14:34:14.526993Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-04T14:34:21.002Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "Connect Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "status": "unaffected",
              "version": "22.7R2.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Policy Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "status": "unaffected",
              "version": "22.7R1.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eReflected XSS in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure before version 22.7R1.1 allows a remote unauthenticated attacker to obtain admin privileges. User interaction is required.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e"
            }
          ],
          "value": "Reflected XSS in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure before version 22.7R1.1 allows a remote unauthenticated attacker to obtain admin privileges. User interaction is required."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-591",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-591 Reflected XSS"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-21T16:45:21.591Z",
        "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "shortName": "ivanti"
      },
      "references": [
        {
          "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
    "assignerShortName": "ivanti",
    "cveId": "CVE-2024-11004",
    "datePublished": "2024-11-12T16:09:19.437Z",
    "dateReserved": "2024-11-07T21:56:04.757Z",
    "dateUpdated": "2025-04-04T14:34:21.002Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-47905 (GCVE-0-2024-47905)

Vulnerability from cvelistv5

Published

2024-11-12 15:56

Modified

2024-11-12 18:35

Severity ?

4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-121 - Stack-based Buffer Overflow

Summary

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to cause a denial of service.

References

►

URL

Tags

Impacted products

Vendor

Product

Version

►

Patch: 22.7R2.3

Patch: 22.7R1.2

Show details on NVD website

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-47905",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-12T18:35:29.588357Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-12T18:35:42.210Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "Connect Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "status": "unaffected",
              "version": "22.7R2.3",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Policy Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "status": "unaffected",
              "version": "22.7R1.2",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to cause a denial of service.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e"
            }
          ],
          "value": "A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to cause a denial of service."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "CWE-121: Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-12T15:56:13.827Z",
        "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "shortName": "ivanti"
      },
      "references": [
        {
          "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
    "assignerShortName": "ivanti",
    "cveId": "CVE-2024-47905",
    "datePublished": "2024-11-12T15:56:13.827Z",
    "dateReserved": "2024-10-04T19:25:07.889Z",
    "dateUpdated": "2024-11-12T18:35:42.210Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-8204 (GCVE-0-2020-8204)

Vulnerability from cvelistv5

Published

2020-07-30 12:53

Modified

2024-08-04 09:56

Severity ?

CWE

CWE-79 - Cross-site Scripting (XSS) - DOM ()

Summary

A cross site scripting (XSS) vulnerability exists in Pulse Connect Secure <9.1R5 on the PSAL Page.

References

►

URL

Tags

x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	Pulse Connect Secure	Version: Fixed in 9.1R5

Show details on NVD website

https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:56:27.562Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Pulse Connect Secure",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Fixed in 9.1R5"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A cross site scripting (XSS) vulnerability exists in Pulse Connect Secure \u003c9.1R5 on the PSAL Page."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "Cross-site Scripting (XSS) - DOM (CWE-79)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-30T12:53:02",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "support@hackerone.com",
          "ID": "CVE-2020-8204",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Pulse Connect Secure",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Fixed in 9.1R5"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A cross site scripting (XSS) vulnerability exists in Pulse Connect Secure \u003c9.1R5 on the PSAL Page."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Cross-site Scripting (XSS) - DOM (CWE-79)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516",
              "refsource": "MISC",
              "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2020-8204",
    "datePublished": "2020-07-30T12:53:02",
    "dateReserved": "2020-01-28T00:00:00",
    "dateUpdated": "2024-08-04T09:56:27.562Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-22053 (GCVE-0-2024-22053)

Vulnerability from cvelistv5

Published

2024-04-04 19:45

Modified

2024-10-03 21:40

Severity ?

8.2 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

Summary

A heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack or in certain conditions read contents from memory.

References

►

URL

Tags

Impacted products

Vendor

Product

Version

►

Version: 22.1R6.2   ≤
Version: 22.2R4.2   ≤
Version: 22.3R1.2   ≤
Version: 22.4R1.2   ≤
Version: 22.4R2.4   ≤
Version: 22.5R1.3   ≤
Version: 22.5R2.4   ≤
Version: 22.6R2.3   ≤
Version: 9.1R14.6   ≤
Version: 9.1R15.4   ≤
Version: 9.1R16.4   ≤
Version: 9.1R17.4   ≤
Version: 9.1R18.5   ≤

Version: 22.4R1.2   ≤
Version: 22.5R1.3   ≤
Version: 22.6R1.2   ≤
Version: 9.1R16.4   ≤
Version: 9.1R17.4   ≤
Version: 9.1R18.5   ≤

Show details on NVD website

https://forums.ivanti.com/s/article/December-2024-Security-Advisory-Ivanti-Connect-Secure-ICS-and-Ivanti-Policy-Secure-IPS-Multiple-CVEs

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "connect_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "status": "affected",
                "version": "9.1R18.5"
              },
              {
                "status": "affected",
                "version": "22.6R2.3"
              },
              {
                "status": "affected",
                "version": "9.1R17.4"
              },
              {
                "status": "affected",
                "version": "22.2R3"
              },
              {
                "status": "affected",
                "version": "22.5R2.4"
              },
              {
                "status": "affected",
                "version": "9.1R14.6"
              },
              {
                "status": "affected",
                "version": "9.1R15.4"
              },
              {
                "status": "affected",
                "version": "22.2R4.2"
              },
              {
                "status": "affected",
                "version": "22.4R1.2"
              },
              {
                "status": "affected",
                "version": "22.6R1.2"
              },
              {
                "status": "affected",
                "version": "22.1R6.2"
              },
              {
                "status": "affected",
                "version": "22.3R1.2"
              },
              {
                "status": "affected",
                "version": "22.4R2.4"
              },
              {
                "status": "affected",
                "version": "22.5R1.3"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "policy_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "status": "affected",
                "version": "22.5R1.3"
              },
              {
                "status": "affected",
                "version": "9.1R18.5"
              },
              {
                "status": "affected",
                "version": "9.1R17.4"
              },
              {
                "status": "affected",
                "version": "22.2R3"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "connect_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "status": "affected",
                "version": "9.1R18.5"
              },
              {
                "status": "affected",
                "version": "22.6R2.3"
              },
              {
                "status": "affected",
                "version": "9.1R17.4"
              },
              {
                "status": "affected",
                "version": "22.2R3"
              },
              {
                "status": "affected",
                "version": "22.5R2.4"
              },
              {
                "status": "affected",
                "version": "9.1R14.6"
              },
              {
                "status": "affected",
                "version": "9.1R15.4"
              },
              {
                "status": "affected",
                "version": "22.2R4.2"
              },
              {
                "status": "affected",
                "version": "22.4R1.2"
              },
              {
                "status": "affected",
                "version": "22.6R1.2"
              },
              {
                "status": "affected",
                "version": "22.1R6.2"
              },
              {
                "status": "affected",
                "version": "22.3R1.2"
              },
              {
                "status": "affected",
                "version": "22.4R2.4"
              },
              {
                "status": "affected",
                "version": "22.5R1.3"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "policy_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "status": "affected",
                "version": "22.4R1.2"
              },
              {
                "status": "affected",
                "version": "22.5R1.3"
              },
              {
                "status": "affected",
                "version": "22.6R1.2"
              },
              {
                "status": "affected",
                "version": "9.1R16.4"
              },
              {
                "status": "affected",
                "version": "9.1R17.4"
              },
              {
                "status": "affected",
                "version": "9.1R18.5"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-22053",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-05T15:29:40.880404Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-703",
                "description": "CWE-703 Improper Check or Handling of Exceptional Conditions",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-03T21:40:00.903Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T22:35:34.816Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Connect Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "lessThan": "22.1R6.2",
              "status": "affected",
              "version": "22.1R6.2",
              "versionType": "semver"
            },
            {
              "lessThan": "22.2R4.2",
              "status": "affected",
              "version": "22.2R4.2",
              "versionType": "semver"
            },
            {
              "lessThan": "22.3R1.2",
              "status": "affected",
              "version": "22.3R1.2",
              "versionType": "semver"
            },
            {
              "lessThan": "22.4R1.2",
              "status": "affected",
              "version": "22.4R1.2",
              "versionType": "semver"
            },
            {
              "lessThan": "22.4R2.4",
              "status": "affected",
              "version": "22.4R2.4",
              "versionType": "semver"
            },
            {
              "lessThan": "22.5R1.3",
              "status": "affected",
              "version": "22.5R1.3",
              "versionType": "semver"
            },
            {
              "lessThan": "22.5R2.4",
              "status": "affected",
              "version": "22.5R2.4",
              "versionType": "semver"
            },
            {
              "lessThan": "22.6R2.3",
              "status": "affected",
              "version": "22.6R2.3",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R14.6",
              "status": "affected",
              "version": "9.1R14.6",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R15.4",
              "status": "affected",
              "version": "9.1R15.4",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R16.4",
              "status": "affected",
              "version": "9.1R16.4",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R17.4",
              "status": "affected",
              "version": "9.1R17.4",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R18.5",
              "status": "affected",
              "version": "9.1R18.5",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Policy Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "lessThan": "22.4R1.2",
              "status": "affected",
              "version": "22.4R1.2",
              "versionType": "semver"
            },
            {
              "lessThan": "22.5R1.3",
              "status": "affected",
              "version": "22.5R1.3",
              "versionType": "semver"
            },
            {
              "lessThan": "22.6R1.2",
              "status": "affected",
              "version": "22.6R1.2",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R16.4",
              "status": "affected",
              "version": "9.1R16.4",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R17.4",
              "status": "affected",
              "version": "9.1R17.4",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R18.5",
              "status": "affected",
              "version": "9.1R18.5",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x\n 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack or in certain conditions read contents from memory. "
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-04T19:45:10.175Z",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "url": "https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2024-22053",
    "datePublished": "2024-04-04T19:45:10.175Z",
    "dateReserved": "2024-01-05T01:04:06.642Z",
    "dateUpdated": "2024-10-03T21:40:00.903Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-11634 (GCVE-0-2024-11634)

Vulnerability from cvelistv5

Published

2024-12-10 18:48

Modified

2024-12-14 04:55

Severity ?

9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CWE

CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')

Summary

Command injection in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to achieve remote code execution. (Not applicable to 9.1Rx)

References

►

URL

Tags

Impacted products

Vendor

Product

Version

►

Patch: 22.7R2.3

Patch: 22.7R1.2

Show details on NVD website

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-11634",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-13T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-14T04:55:16.905Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "Connect Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "status": "unaffected",
              "version": "22.7R2.3",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Policy Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "status": "unaffected",
              "version": "22.7R1.2",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCommand injection in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to achieve remote code execution. (Not applicable to 9.1Rx)\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e"
            }
          ],
          "value": "Command injection in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to achieve remote code execution. (Not applicable to 9.1Rx)"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-88",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-88 OS Command Injection"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-77",
              "description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-12-10T18:48:29.024Z",
        "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "shortName": "ivanti"
      },
      "references": [
        {
          "url": "https://forums.ivanti.com/s/article/December-2024-Security-Advisory-Ivanti-Connect-Secure-ICS-and-Ivanti-Policy-Secure-IPS-Multiple-CVEs"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
    "assignerShortName": "ivanti",
    "cveId": "CVE-2024-11634",
    "datePublished": "2024-12-10T18:48:29.024Z",
    "dateReserved": "2024-11-22T18:01:03.566Z",
    "dateUpdated": "2024-12-14T04:55:16.905Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-8217 (GCVE-0-2020-8217)

Vulnerability from cvelistv5

Published

2020-07-30 12:53

Modified

2024-08-04 09:56

Severity ?

CWE

CWE-79 - Cross-site Scripting (XSS) - Reflected ()

Summary

A cross site scripting (XSS) vulnerability in Pulse Connect Secure <9.1R8 allowed attackers to exploit in the URL used for Citrix ICA.

References

►

URL

Tags

x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	Pulse Connect Secure	Version: Fixed in 9.1R8

Show details on NVD website

https://forums.ivanti.com/s/article/SA-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:56:27.493Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Pulse Connect Secure",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Fixed in 9.1R8"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A cross site scripting (XSS) vulnerability in Pulse Connect Secure \u003c9.1R8 allowed attackers to exploit in the URL used for Citrix ICA."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "Cross-site Scripting (XSS) - Reflected (CWE-79)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-30T12:53:02",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "support@hackerone.com",
          "ID": "CVE-2020-8217",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Pulse Connect Secure",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Fixed in 9.1R8"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A cross site scripting (XSS) vulnerability in Pulse Connect Secure \u003c9.1R8 allowed attackers to exploit in the URL used for Citrix ICA."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Cross-site Scripting (XSS) - Reflected (CWE-79)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516",
              "refsource": "MISC",
              "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2020-8217",
    "datePublished": "2020-07-30T12:53:02",
    "dateReserved": "2020-01-28T00:00:00",
    "dateUpdated": "2024-08-04T09:56:27.493Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-21894 (GCVE-0-2024-21894)

Vulnerability from cvelistv5

Published

2024-04-04 22:16

Modified

2024-10-03 21:43

Severity ?

8.2 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

Summary

A heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack. In certain conditions this may lead to execution of arbitrary code

References

►

URL

Tags

Impacted products

Vendor

Product

Version

►

Version: 22.1R6.2   ≤
Version: 22.2R4.2   ≤
Version: 22.3R1.2   ≤
Version: 22.4R1.2   ≤
Version: 22.4R2.4   ≤
Version: 22.5R1.3   ≤
Version: 22.5R2.4   ≤
Version: 22.6R2.3   ≤
Version: 9.1R14.6   ≤
Version: 9.1R15.4   ≤
Version: 9.1R16.4   ≤
Version: 9.1R17.4   ≤
Version: 9.1R18.5   ≤

Version: 22.4R1.2   ≤
Version: 22.6R1.2   ≤
Version: 9.1R16.4   ≤
Version: 9.1R17.4   ≤
Version: 9.1R18.5   ≤

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "connect_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "status": "affected",
                "version": "22.1R6.2"
              },
              {
                "status": "affected",
                "version": "22.2R4.2"
              },
              {
                "status": "affected",
                "version": "22.3R1.2"
              },
              {
                "status": "affected",
                "version": "22.4R1.2"
              },
              {
                "status": "affected",
                "version": "22.4R2.4"
              },
              {
                "status": "affected",
                "version": "22.5R1.3"
              },
              {
                "status": "affected",
                "version": "22.5R2.4"
              },
              {
                "status": "affected",
                "version": "22.6R2.3"
              },
              {
                "status": "affected",
                "version": "9.1R14.6"
              },
              {
                "status": "affected",
                "version": "9.1R15.4"
              },
              {
                "status": "affected",
                "version": "9.1R16.4"
              },
              {
                "status": "affected",
                "version": "9.1R17.4"
              },
              {
                "status": "affected",
                "version": "9.1R18.5"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "policy_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "status": "affected",
                "version": "22.4R1.2"
              },
              {
                "status": "affected",
                "version": "22.6R1.2"
              },
              {
                "status": "affected",
                "version": "9.1R16.4"
              },
              {
                "status": "affected",
                "version": "9.1R17.4"
              },
              {
                "status": "affected",
                "version": "9.1R18.5"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-21894",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-05T16:37:42.930659Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-703",
                "description": "CWE-703 Improper Check or Handling of Exceptional Conditions",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-03T21:43:40.315Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T22:35:33.424Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://forums.ivanti.com/s/article/SA-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Connect Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "lessThan": "22.1R6.2",
              "status": "affected",
              "version": "22.1R6.2",
              "versionType": "semver"
            },
            {
              "lessThan": "22.2R4.2",
              "status": "affected",
              "version": "22.2R4.2",
              "versionType": "semver"
            },
            {
              "lessThan": "22.3R1.2",
              "status": "affected",
              "version": "22.3R1.2",
              "versionType": "semver"
            },
            {
              "lessThan": "22.4R1.2",
              "status": "affected",
              "version": "22.4R1.2",
              "versionType": "semver"
            },
            {
              "lessThan": "22.4R2.4",
              "status": "affected",
              "version": "22.4R2.4",
              "versionType": "semver"
            },
            {
              "lessThan": "22.5R1.3",
              "status": "affected",
              "version": "22.5R1.3",
              "versionType": "semver"
            },
            {
              "lessThan": "22.5R2.4",
              "status": "affected",
              "version": "22.5R2.4",
              "versionType": "semver"
            },
            {
              "lessThan": "22.6R2.3",
              "status": "affected",
              "version": "22.6R2.3",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R14.6",
              "status": "affected",
              "version": "9.1R14.6",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R15.4",
              "status": "affected",
              "version": "9.1R15.4",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R16.4",
              "status": "affected",
              "version": "9.1R16.4",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R17.4",
              "status": "affected",
              "version": "9.1R17.4",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R18.5",
              "status": "affected",
              "version": "9.1R18.5",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Policy Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "lessThan": "22.4R1.2",
              "status": "affected",
              "version": "22.4R1.2",
              "versionType": "semver"
            },
            {
              "lessThan": "22.6R1.2",
              "status": "affected",
              "version": "22.6R1.2",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R16.4",
              "status": "affected",
              "version": "9.1R16.4",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R17.4",
              "status": "affected",
              "version": "9.1R17.4",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R18.5",
              "status": "affected",
              "version": "9.1R18.5",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack. In certain conditions this may lead to execution of arbitrary code "
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
            "version": "3.0"
          }
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-04T22:16:29.330Z",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "url": "https://forums.ivanti.com/s/article/SA-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2024-21894",
    "datePublished": "2024-04-04T22:16:29.330Z",
    "dateReserved": "2024-01-03T01:04:06.539Z",
    "dateUpdated": "2024-10-03T21:43:40.315Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-11509 (GCVE-0-2019-11509)

Vulnerability from cvelistv5

Published

2019-06-03 19:34

Modified

2024-08-04 22:55

Severity ?

CWE

n/a

Summary

In Pulse Secure Pulse Connect Secure (PCS) before 8.1R15.1, 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4 and Pulse Policy Secure (PPS) before 5.1R15.1, 5.2 before 5.2R12.1, 5.3 before 5.3R15.1, 5.4 before 5.4R7.1, and 9.0 before 9.0R3.2, an authenticated attacker (via the admin web interface) can exploit Incorrect Access Control to execute arbitrary code on the appliance.

References

►

URL

Tags

	https://kb.pulsesecure.net/?atype=sa	x_refsource_MISC
	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101/	x_refsource_CONFIRM
	https://www.kb.cert.org/vuls/id/927237	third-party-advisory, x_refsource_CERT-VN

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:55:40.698Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://kb.pulsesecure.net/?atype=sa"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101/"
          },
          {
            "name": "VU#927237",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "https://www.kb.cert.org/vuls/id/927237"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In Pulse Secure Pulse Connect Secure (PCS) before 8.1R15.1, 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4 and Pulse Policy Secure (PPS) before 5.1R15.1, 5.2 before 5.2R12.1, 5.3 before 5.3R15.1, 5.4 before 5.4R7.1, and 9.0 before 9.0R3.2, an authenticated attacker (via the admin web interface) can exploit Incorrect Access Control to execute arbitrary code on the appliance."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-10-16T17:06:17",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://kb.pulsesecure.net/?atype=sa"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101/"
        },
        {
          "name": "VU#927237",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "https://www.kb.cert.org/vuls/id/927237"
        }
      ],
      "x_ConverterErrors": {
        "cvssV3_0": {
          "error": "CVSSV3_0 data from v4 record is invalid",
          "message": "Missing mandatory metrics \"AV\""
        }
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-11509",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In Pulse Secure Pulse Connect Secure (PCS) before 8.1R15.1, 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4 and Pulse Policy Secure (PPS) before 5.1R15.1, 5.2 before 5.2R12.1, 5.3 before 5.3R15.1, 5.4 before 5.4R7.1, and 9.0 before 9.0R3.2, an authenticated attacker (via the admin web interface) can exploit Incorrect Access Control to execute arbitrary code on the appliance."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "availabilityImpact": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AC:H/A:H/C:H/I:H/PR:H/S:U/UI:R",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.pulsesecure.net/?atype=sa",
              "refsource": "MISC",
              "url": "https://kb.pulsesecure.net/?atype=sa"
            },
            {
              "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101/",
              "refsource": "CONFIRM",
              "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101/"
            },
            {
              "name": "VU#927237",
              "refsource": "CERT-VN",
              "url": "https://www.kb.cert.org/vuls/id/927237"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-11509",
    "datePublished": "2019-06-03T19:34:46",
    "dateReserved": "2019-04-24T00:00:00",
    "dateUpdated": "2024-08-04T22:55:40.698Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-21887 (GCVE-0-2024-21887)

Vulnerability from cvelistv5

Published

2024-01-12 17:02

Modified

2025-07-30 01:37

Severity ?

9.1 (Critical) - CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Summary

A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance.

References

►

URL

Tags

	https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US
	http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html

Impacted products

Vendor

Product

Version

►

Version: 9.1R18 <
Version: 22.6R2 <

Version: 9.1R18 <
Version: 22.6R1 <

Show details on NVD website

https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T22:35:33.413Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-21887",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-04T18:55:58.242603Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2024-01-10",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-21887"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-77",
                "description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-30T01:37:09.279Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2024-01-10T00:00:00+00:00",
            "value": "CVE-2024-21887 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "ICS",
          "vendor": "Ivanti",
          "versions": [
            {
              "lessThanOrEqual": "9.1R18",
              "status": "affected",
              "version": "9.1R18",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "22.6R2",
              "status": "affected",
              "version": "22.6R2",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "IPS",
          "vendor": "Ivanti",
          "versions": [
            {
              "lessThanOrEqual": "9.1R18",
              "status": "affected",
              "version": "9.1R18",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "22.6R1",
              "status": "affected",
              "version": "22.6R1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x)  allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-22T17:06:21.273Z",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "url": "https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US"
        },
        {
          "url": "http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2024-21887",
    "datePublished": "2024-01-12T17:02:16.481Z",
    "dateReserved": "2024-01-03T01:04:06.538Z",
    "dateUpdated": "2025-07-30T01:37:09.279Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-10644 (GCVE-0-2024-10644)

Vulnerability from cvelistv5

Published

2025-02-11 15:20

Modified

2025-02-13 04:55

Severity ?

9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CWE

CWE-94 - Improper Control of Generation of Code ('Code Injection')

Summary

Code injection in Ivanti Connect Secure before version 22.7R2.4 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticated attacker with admin privileges to achieve remote code execution.

References

►

URL

Tags

Impacted products

Vendor

Product

Version

►

Patch: 22.7R2.4

Patch: 22.7R1.3

Show details on NVD website

https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-10644",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-12T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-13T04:55:16.809Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "Connect Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "status": "unaffected",
              "version": "22.7R2.4",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Policy Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "status": "unaffected",
              "version": "22.7R1.3",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCode injection in Ivanti Connect Secure before version 22.7R2.4 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticated attacker with admin privileges to achieve remote code execution.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e"
            }
          ],
          "value": "Code injection in Ivanti Connect Secure before version 22.7R2.4 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticated attacker with admin privileges to achieve remote code execution."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-242",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-242 Code Injection"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-94",
              "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-11T15:20:46.680Z",
        "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "shortName": "ivanti"
      },
      "references": [
        {
          "url": "https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
    "assignerShortName": "ivanti",
    "cveId": "CVE-2024-10644",
    "datePublished": "2025-02-11T15:20:46.680Z",
    "dateReserved": "2024-10-31T19:32:56.456Z",
    "dateUpdated": "2025-02-13T04:55:16.809Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-39710 (GCVE-0-2024-39710)

Vulnerability from cvelistv5

Published

2024-11-13 01:54

Modified

2024-12-01 18:25

Severity ?

9.1 (Critical) - CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Summary

Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti Policy Secure before version 22.7R1.1 allows a remote authenticated attacker with admin privileges to achieve remote code execution.

References

►

URL

Tags

Impacted products

Vendor

Product

Version

►

Version: 22.7R2.1 < 22.7R2.1
Version: 9.1R18.7 < 9.1R18.7

Version: 22.7R1.1 < 22.7R1.1

Show details on NVD website

https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "connect_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "lessThan": "22.7_r2.3",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "9.1_r18.7",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "policy_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "lessThan": "22.7_r1.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-39710",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T17:13:40.758458Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-88",
                "description": "CWE-88 Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T17:14:55.844Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Connect Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "lessThan": "22.7R2.1",
              "status": "affected",
              "version": "22.7R2.1",
              "versionType": "custom"
            },
            {
              "lessThan": "9.1R18.7",
              "status": "affected",
              "version": "9.1R18.7",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Policy Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "lessThan": "22.7R1.1",
              "status": "affected",
              "version": "22.7R1.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti Policy Secure before version 22.7R1.1 allows a remote authenticated attacker with admin privileges to achieve remote code execution."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-12-01T18:25:55.773Z",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2024-39710",
    "datePublished": "2024-11-13T01:54:45.384Z",
    "dateReserved": "2024-06-28T01:04:08.820Z",
    "dateUpdated": "2024-12-01T18:25:55.773Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-22023 (GCVE-0-2024-22023)

Vulnerability from cvelistv5

Published

2024-04-04 19:45

Modified

2024-10-03 21:38

Severity ?

5.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Summary

An XML entity expansion or XEE vulnerability in SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated attacker to send specially crafted XML requests in-order-to temporarily cause resource exhaustion thereby resulting in a limited-time DoS.

References

►

URL

Tags

Impacted products

Vendor

Product

Version

►

Version: 22.1R6.2   ≤
Version: 22.2R4.2   ≤
Version: 22.3R1.2   ≤
Version: 22.4R1.2   ≤
Version: 22.4R2.4   ≤
Version: 22.5R1.3   ≤
Version: 22.5R2.4   ≤
Version: 22.6R2.3   ≤
Version: 9.1R14.6   ≤
Version: 9.1R15.4   ≤
Version: 9.1R16.4   ≤
Version: 9.1R17.4   ≤
Version: 9.1R18.5   ≤

Version: 22.4R1.2   ≤
Version: 22.5R1.3   ≤
Version: 22.6R1.2   ≤
Version: 9.1R16.4   ≤
Version: 9.1R17.4   ≤
Version: 9.1R18.5   ≤

Show details on NVD website

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "connect_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "status": "affected",
                "version": "9.1R18.5"
              },
              {
                "status": "affected",
                "version": "22.6R2.3"
              },
              {
                "status": "affected",
                "version": "9.1R17.4"
              },
              {
                "status": "affected",
                "version": "22.2R3"
              },
              {
                "status": "affected",
                "version": "22.5R2.4"
              },
              {
                "status": "affected",
                "version": "9.1R14.6"
              },
              {
                "status": "affected",
                "version": "9.1R15.4"
              },
              {
                "status": "affected",
                "version": "22.2R4.2"
              },
              {
                "status": "affected",
                "version": "22.4R1.2"
              },
              {
                "status": "affected",
                "version": "22.6R1.2"
              },
              {
                "status": "affected",
                "version": "22.1R6.2"
              },
              {
                "status": "affected",
                "version": "22.3R1.2"
              },
              {
                "status": "affected",
                "version": "22.4R2.4"
              },
              {
                "status": "affected",
                "version": "22.5R1.3"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "policy_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "status": "affected",
                "version": "22.4R1.2"
              },
              {
                "status": "affected",
                "version": "22.5R1.3"
              },
              {
                "status": "affected",
                "version": "22.6R1.2"
              },
              {
                "status": "affected",
                "version": "9.1R16.4"
              },
              {
                "status": "affected",
                "version": "9.1R17.4"
              },
              {
                "status": "affected",
                "version": "9.1R18.5"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-22023",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-05T13:19:01.057408Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-703",
                "description": "CWE-703 Improper Check or Handling of Exceptional Conditions",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-03T21:38:58.416Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T22:35:34.713Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Connect Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "lessThan": "22.1R6.2",
              "status": "affected",
              "version": "22.1R6.2",
              "versionType": "semver"
            },
            {
              "lessThan": "22.2R4.2",
              "status": "affected",
              "version": "22.2R4.2",
              "versionType": "semver"
            },
            {
              "lessThan": "22.3R1.2",
              "status": "affected",
              "version": "22.3R1.2",
              "versionType": "semver"
            },
            {
              "lessThan": "22.4R1.2",
              "status": "affected",
              "version": "22.4R1.2",
              "versionType": "semver"
            },
            {
              "lessThan": "22.4R2.4",
              "status": "affected",
              "version": "22.4R2.4",
              "versionType": "semver"
            },
            {
              "lessThan": "22.5R1.3",
              "status": "affected",
              "version": "22.5R1.3",
              "versionType": "semver"
            },
            {
              "lessThan": "22.5R2.4",
              "status": "affected",
              "version": "22.5R2.4",
              "versionType": "semver"
            },
            {
              "lessThan": "22.6R2.3",
              "status": "affected",
              "version": "22.6R2.3",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R14.6",
              "status": "affected",
              "version": "9.1R14.6",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R15.4",
              "status": "affected",
              "version": "9.1R15.4",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R16.4",
              "status": "affected",
              "version": "9.1R16.4",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R17.4",
              "status": "affected",
              "version": "9.1R17.4",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R18.5",
              "status": "affected",
              "version": "9.1R18.5",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Policy Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "lessThan": "22.4R1.2",
              "status": "affected",
              "version": "22.4R1.2",
              "versionType": "semver"
            },
            {
              "lessThan": "22.5R1.3",
              "status": "affected",
              "version": "22.5R1.3",
              "versionType": "semver"
            },
            {
              "lessThan": "22.6R1.2",
              "status": "affected",
              "version": "22.6R1.2",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R16.4",
              "status": "affected",
              "version": "9.1R16.4",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R17.4",
              "status": "affected",
              "version": "9.1R17.4",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R18.5",
              "status": "affected",
              "version": "9.1R18.5",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An XML entity expansion or XEE vulnerability in SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated attacker to send specially crafted XML requests in-order-to temporarily cause resource exhaustion thereby resulting in a limited-time DoS. "
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          }
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-04T19:45:10.162Z",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "url": "https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2024-22023",
    "datePublished": "2024-04-04T19:45:10.162Z",
    "dateReserved": "2024-01-04T01:04:06.574Z",
    "dateUpdated": "2024-10-03T21:38:58.416Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-8219 (GCVE-0-2020-8219)

Vulnerability from cvelistv5

Published

2020-07-30 12:53

Modified

2024-08-04 09:56

Severity ?

CWE

CWE-280 - Improper Handling of Insufficient Permissions or Privileges ()

Summary

An insufficient permission check vulnerability exists in Pulse Connect Secure <9.1R8 that allows an attacker to change the password of a full administrator.

References

►

URL

Tags

x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	Pulse Connect Secure	Version: Fixed in 9.1R8

Show details on NVD website

https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:56:27.612Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Pulse Connect Secure",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Fixed in 9.1R8"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An insufficient permission check vulnerability exists in Pulse Connect Secure \u003c9.1R8 that allows an attacker to change the password of a full administrator."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-280",
              "description": "Improper Handling of Insufficient Permissions or Privileges (CWE-280)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-30T12:53:02",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "support@hackerone.com",
          "ID": "CVE-2020-8219",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Pulse Connect Secure",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Fixed in 9.1R8"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An insufficient permission check vulnerability exists in Pulse Connect Secure \u003c9.1R8 that allows an attacker to change the password of a full administrator."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Improper Handling of Insufficient Permissions or Privileges (CWE-280)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516",
              "refsource": "MISC",
              "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2020-8219",
    "datePublished": "2020-07-30T12:53:02",
    "dateReserved": "2020-01-28T00:00:00",
    "dateUpdated": "2024-08-04T09:56:27.612Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-9420 (GCVE-0-2024-9420)

Vulnerability from cvelistv5

Published

2024-11-12 15:57

Modified

2025-03-13 15:31

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-416 - Use After Free

Summary

A use-after-free in Ivanti Connect Secure before version 22.7R2.3 and 9.1R18.9 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker to achieve remote code execution

References

►

URL

Tags

Impacted products

Vendor

Product

Version

►

Patch: 22.7R2.3

Patch: 22.7R1.2

Show details on NVD website

https://forums.ivanti.com/s/article/December-2024-Security-Advisory-Ivanti-Connect-Secure-ICS-and-Ivanti-Policy-Secure-IPS-Multiple-CVEs

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:ivanti:connect_secure:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "connect_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "status": "affected",
                "version": "22.7R2.3"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "policy_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "status": "affected",
                "version": "22.7R1.2"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-9420",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-12T18:33:53.833009Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-416",
                "description": "CWE-416 Use After Free",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-13T15:31:10.970Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "Connect Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "status": "unaffected",
              "version": "22.7R2.3",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Policy Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "status": "unaffected",
              "version": "22.7R1.2",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A use-after-free in Ivanti Connect Secure before version \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e22.7R2.3 and 9.1R18.9\u003c/span\u003e\n\n and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker to achieve remote code execution"
            }
          ],
          "value": "A use-after-free in Ivanti Connect Secure before version 22.7R2.3 and 9.1R18.9\n\n and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker to achieve remote code execution"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-129",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-129 Pointer Manipulation"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "CWE-416 Use After Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-27T20:21:28.876Z",
        "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "shortName": "ivanti"
      },
      "references": [
        {
          "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
    "assignerShortName": "ivanti",
    "cveId": "CVE-2024-9420",
    "datePublished": "2024-11-12T15:57:24.947Z",
    "dateReserved": "2024-10-01T20:04:39.852Z",
    "dateUpdated": "2025-03-13T15:31:10.970Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-37401 (GCVE-0-2024-37401)

Vulnerability from cvelistv5

Published

2024-12-11 18:52

Modified

2024-12-12 14:39

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

An out-of-bounds read in IPsec of Ivanti Connect Secure before version 22.7R2.1 allows a remote unauthenticated attacker to cause a denial of service.

References

►

URL

Tags

Impacted products

	Vendor	Product	Version
	Ivanti	Connect Secure	Version: 22.7R2.1 < 22.7R2.1

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-37401",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-12T14:39:20.691415Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-125",
                "description": "CWE-125 Out-of-bounds Read",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-12T14:39:24.747Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Connect Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "lessThan": "22.7R2.1",
              "status": "affected",
              "version": "22.7R2.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An out-of-bounds read in IPsec of Ivanti Connect Secure before version 22.7R2.1 allows a remote unauthenticated attacker to cause a denial of service."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-12-11T18:52:27.527Z",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "url": "https://forums.ivanti.com/s/article/December-2024-Security-Advisory-Ivanti-Connect-Secure-ICS-and-Ivanti-Policy-Secure-IPS-Multiple-CVEs"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2024-37401",
    "datePublished": "2024-12-11T18:52:27.527Z",
    "dateReserved": "2024-06-08T01:04:07.093Z",
    "dateUpdated": "2024-12-12T14:39:24.747Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-8238 (GCVE-0-2020-8238)

Vulnerability from cvelistv5

Published

2020-09-29 13:41

Modified

2024-08-04 09:56

Severity ?

CWE

CWE-79 - Cross-site Scripting (XSS) - Generic ()

Summary

A vulnerability in the authenticated user web interface of Pulse Connect Secure and Pulse Policy Secure < 9.1R8.2 could allow attackers to conduct Cross-Site Scripting (XSS).

References

►

URL

Tags

	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44588	x_refsource_MISC
	https://www.gosecure.net/blog/2020/11/13/forget-your-perimeter-part-2-four-vulnerabilities-in-pulse-connect-secure/	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	Pulse Secure	Pulse Connect Secure/ Pulse Policy Secure	Version: Fixed in 9.1R8.2

Show details on NVD website

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:56:27.951Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44588"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.gosecure.net/blog/2020/11/13/forget-your-perimeter-part-2-four-vulnerabilities-in-pulse-connect-secure/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Pulse Connect Secure/ Pulse Policy Secure",
          "vendor": "Pulse Secure",
          "versions": [
            {
              "status": "affected",
              "version": "Fixed in 9.1R8.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the authenticated user web interface of Pulse Connect Secure and Pulse Policy Secure \u003c 9.1R8.2 could allow attackers to conduct Cross-Site Scripting (XSS)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "Cross-site Scripting (XSS) - Generic (CWE-79)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-08-01T14:27:38",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44588"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.gosecure.net/blog/2020/11/13/forget-your-perimeter-part-2-four-vulnerabilities-in-pulse-connect-secure/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "support@hackerone.com",
          "ID": "CVE-2020-8238",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Pulse Connect Secure/ Pulse Policy Secure",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Fixed in 9.1R8.2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Pulse Secure"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the authenticated user web interface of Pulse Connect Secure and Pulse Policy Secure \u003c 9.1R8.2 could allow attackers to conduct Cross-Site Scripting (XSS)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Cross-site Scripting (XSS) - Generic (CWE-79)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44588",
              "refsource": "MISC",
              "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44588"
            },
            {
              "name": "https://www.gosecure.net/blog/2020/11/13/forget-your-perimeter-part-2-four-vulnerabilities-in-pulse-connect-secure/",
              "refsource": "MISC",
              "url": "https://www.gosecure.net/blog/2020/11/13/forget-your-perimeter-part-2-four-vulnerabilities-in-pulse-connect-secure/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2020-8238",
    "datePublished": "2020-09-29T13:41:05",
    "dateReserved": "2020-01-28T00:00:00",
    "dateUpdated": "2024-08-04T09:56:27.951Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-8261 (GCVE-0-2020-8261)

Vulnerability from cvelistv5

Published

2020-10-28 12:47

Modified

2024-08-04 09:56

Severity ?

CWE

CWE-120 - Classic Buffer Overflow ()

Summary

A vulnerability in the Pulse Connect Secure / Pulse Policy Secure < 9.1R9 is vulnerable to arbitrary cookie injection.

References

►

URL

Tags

x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	Pulse Connect Secure / Pulse Policy Secure	Version: 9.1R9

Show details on NVD website

https://forums.ivanti.com/s/article/July-Security-Advisory-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Multiple-CVEs

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:56:28.147Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Pulse Connect Secure / Pulse Policy Secure",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "9.1R9"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Pulse Connect Secure / Pulse Policy Secure \u003c 9.1R9 is vulnerable to arbitrary cookie injection."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-120",
              "description": "Classic Buffer Overflow (CWE-120)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-28T12:47:36",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "support@hackerone.com",
          "ID": "CVE-2020-8261",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Pulse Connect Secure / Pulse Policy Secure",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "9.1R9"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Pulse Connect Secure / Pulse Policy Secure \u003c 9.1R9 is vulnerable to arbitrary cookie injection."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Classic Buffer Overflow (CWE-120)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601",
              "refsource": "MISC",
              "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2020-8261",
    "datePublished": "2020-10-28T12:47:36",
    "dateReserved": "2020-01-28T00:00:00",
    "dateUpdated": "2024-08-04T09:56:28.147Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-5451 (GCVE-0-2025-5451)

Vulnerability from cvelistv5

Published

2025-07-08 15:02

Modified

2025-07-08 20:43

Severity ?

4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-121 - Stack-based Buffer Overflow

Summary

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a remote authenticated attacker with admin rights to trigger a denial of service.

References

►

URL

Tags

Impacted products

Vendor

Product

Version

►

Patch: 22.7R2.8

Patch: 22.7R1.5

Show details on NVD website

https://forums.ivanti.com/s/article/CVE-2024-22024-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-5451",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-08T20:43:30.880095Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-08T20:43:37.606Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "Connect Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "status": "unaffected",
              "version": "22.7R2.8",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Policy Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "status": "unaffected",
              "version": "22.7R1.5",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a remote authenticated attacker with admin rights to trigger a denial of service.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e"
            }
          ],
          "value": "A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a remote authenticated attacker with admin rights to trigger a denial of service."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "CWE-121: Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-08T15:02:00.522Z",
        "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "shortName": "ivanti"
      },
      "references": [
        {
          "url": "https://forums.ivanti.com/s/article/July-Security-Advisory-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Multiple-CVEs"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
    "assignerShortName": "ivanti",
    "cveId": "CVE-2025-5451",
    "datePublished": "2025-07-08T15:02:00.522Z",
    "dateReserved": "2025-06-02T07:49:21.020Z",
    "dateUpdated": "2025-07-08T20:43:37.606Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-22024 (GCVE-0-2024-22024)

Vulnerability from cvelistv5

Published

2024-02-13 04:07

Modified

2025-05-09 18:26

Severity ?

8.3 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L

Summary

An XML external entity or XXE vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x), Ivanti Policy Secure (9.x, 22.x) and ZTA gateways which allows an attacker to access certain restricted resources without authentication.

References

►

URL

Tags

Impacted products

Vendor

Product

Version

►

Version: 9.1R14.5   ≤
Version: 9.1R17.3   ≤
Version: 9.1R18.4   ≤
Version: 22.1R6.1   ≤
Version: 22.2R4.1   ≤
Version: 22.3R1.1   ≤
Version: 22.4R1.1   ≤
Version: 22.5R1.2   ≤
Version: 22.6R1.1   ≤
Version: 22.4R2.3   ≤
Version: 22.5R2.3   ≤
Version: 22.6R2.2   ≤

	Ivant	ICS	Version: 9.1R15.3 ≤
	Ivanti	IPS	Version: 9.1R18.4 ≤ Version: 9.1R17.3 ≤ Version: 22.5R1.2 ≤

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T22:35:34.846Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://forums.ivanti.com/s/article/CVE-2024-22024-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-22024",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-16T19:34:58.517182Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-611",
                "description": "CWE-611 Improper Restriction of XML External Entity Reference",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-09T18:26:09.386Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ICS",
          "vendor": "Ivanti",
          "versions": [
            {
              "lessThan": "9.1R14.5",
              "status": "affected",
              "version": "9.1R14.5",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R17.3",
              "status": "affected",
              "version": "9.1R17.3",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R18.4",
              "status": "affected",
              "version": "9.1R18.4",
              "versionType": "semver"
            },
            {
              "lessThan": "22.1R6.1",
              "status": "affected",
              "version": "22.1R6.1",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R14.4",
              "status": "unaffected",
              "version": "9.1R14.4",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R15.2",
              "status": "unaffected",
              "version": "9.1R15.2",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R16.2",
              "status": "unaffected",
              "version": "9.1R16.2",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R17.2",
              "status": "unaffected",
              "version": "9.1R17.2",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R18.3",
              "status": "unaffected",
              "version": "9.1R18.3",
              "versionType": "semver"
            },
            {
              "lessThan": "22.1R6.1",
              "status": "unaffected",
              "version": "22.1R6.1",
              "versionType": "semver"
            },
            {
              "lessThan": "22.2R4.1",
              "status": "affected",
              "version": "22.2R4.1",
              "versionType": "semver"
            },
            {
              "lessThan": "22.3R1.1",
              "status": "affected",
              "version": "22.3R1.1",
              "versionType": "semver"
            },
            {
              "lessThan": "22.4R1.1",
              "status": "affected",
              "version": "22.4R1.1",
              "versionType": "semver"
            },
            {
              "lessThan": "22.5R1.2",
              "status": "affected",
              "version": "22.5R1.2",
              "versionType": "semver"
            },
            {
              "lessThan": "22.6R1.1",
              "status": "affected",
              "version": "22.6R1.1",
              "versionType": "semver"
            },
            {
              "lessThan": "22.4R2.3",
              "status": "affected",
              "version": "22.4R2.3",
              "versionType": "semver"
            },
            {
              "lessThan": "22.5R2.3",
              "status": "affected",
              "version": "22.5R2.3",
              "versionType": "semver"
            },
            {
              "lessThan": "22.6R2.2",
              "status": "affected",
              "version": "22.6R2.2",
              "versionType": "semver"
            },
            {
              "lessThan": "22.2R4.1",
              "status": "unaffected",
              "version": "22.2R4.1",
              "versionType": "semver"
            },
            {
              "lessThan": "22.3R1",
              "status": "unaffected",
              "version": "22.3R1",
              "versionType": "semver"
            },
            {
              "lessThan": "22.4R1.1",
              "status": "unaffected",
              "version": "22.4R1.1",
              "versionType": "semver"
            },
            {
              "lessThan": "22.5R1.1",
              "status": "unaffected",
              "version": "22.5R1.1",
              "versionType": "semver"
            },
            {
              "lessThan": "22.6R1.1",
              "status": "unaffected",
              "version": "22.6R1.1",
              "versionType": "semver"
            },
            {
              "lessThan": "22.4R2.2",
              "status": "unaffected",
              "version": "22.4R2.2",
              "versionType": "semver"
            },
            {
              "lessThan": "22.5R2.2",
              "status": "unaffected",
              "version": "22.5R2.2",
              "versionType": "semver"
            },
            {
              "lessThan": "22.6R2.2",
              "status": "unaffected",
              "version": "22.6R2.2",
              "versionType": "semver"
            }
          ]
        },
        {
          "product": "ICS",
          "vendor": "Ivant ",
          "versions": [
            {
              "lessThan": "9.1R15.3",
              "status": "affected",
              "version": "9.1R15.3",
              "versionType": "semver"
            }
          ]
        },
        {
          "product": "IPS",
          "vendor": "Ivanti",
          "versions": [
            {
              "lessThan": "9.1R18.4",
              "status": "affected",
              "version": "9.1R18.4",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R17.3",
              "status": "affected",
              "version": "9.1R17.3",
              "versionType": "semver"
            },
            {
              "lessThan": "22.5R1.2",
              "status": "affected",
              "version": "22.5R1.2",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R18.2",
              "status": "unaffected",
              "version": "9.1R18.2",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R17.2",
              "status": "unaffected",
              "version": "9.1R17.2",
              "versionType": "semver"
            },
            {
              "lessThan": "22.5R1.1",
              "status": "unaffected",
              "version": "22.5R1.1",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An XML external entity or XXE vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x), Ivanti Policy Secure (9.x, 22.x) and ZTA gateways which allows an attacker to access certain restricted resources without authentication."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L",
            "version": "3.0"
          }
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-13T04:07:04.355Z",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "url": "https://forums.ivanti.com/s/article/CVE-2024-22024-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2024-22024",
    "datePublished": "2024-02-13T04:07:04.355Z",
    "dateReserved": "2024-01-04T01:04:06.574Z",
    "dateUpdated": "2025-05-09T18:26:09.386Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-12880 (GCVE-0-2020-12880)

Vulnerability from cvelistv5

Published

2020-07-27 22:10

Modified

2024-08-04 12:11

Severity ?

CWE

n/a

Summary

An issue was discovered in Pulse Policy Secure (PPS) and Pulse Connect Secure (PCS) Virtual Appliance before 9.1R8. By manipulating a certain kernel boot parameter, it can be tricked into dropping into a root shell in a pre-install phase where the entire source code of the appliance is available and can be retrieved. (The source code is otherwise inaccessible because the appliance has its hard disks encrypted, and no root shell is available during normal operation.)

References

►

URL

Tags

	https://kb.pulsesecure.net/?atype=sa	x_refsource_MISC
	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T12:11:18.205Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://kb.pulsesecure.net/?atype=sa"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-07-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in Pulse Policy Secure (PPS) and Pulse Connect Secure (PCS) Virtual Appliance before 9.1R8. By manipulating a certain kernel boot parameter, it can be tricked into dropping into a root shell in a pre-install phase where the entire source code of the appliance is available and can be retrieved. (The source code is otherwise inaccessible because the appliance has its hard disks encrypted, and no root shell is available during normal operation.)"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-27T22:10:12",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://kb.pulsesecure.net/?atype=sa"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-12880",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in Pulse Policy Secure (PPS) and Pulse Connect Secure (PCS) Virtual Appliance before 9.1R8. By manipulating a certain kernel boot parameter, it can be tricked into dropping into a root shell in a pre-install phase where the entire source code of the appliance is available and can be retrieved. (The source code is otherwise inaccessible because the appliance has its hard disks encrypted, and no root shell is available during normal operation.)"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.pulsesecure.net/?atype=sa",
              "refsource": "MISC",
              "url": "https://kb.pulsesecure.net/?atype=sa"
            },
            {
              "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516",
              "refsource": "CONFIRM",
              "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-12880",
    "datePublished": "2020-07-27T22:10:12",
    "dateReserved": "2020-05-15T00:00:00",
    "dateUpdated": "2024-08-04T12:11:18.205Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-13842 (GCVE-0-2024-13842)

Vulnerability from cvelistv5

Published

2025-02-11 15:25

Modified

2025-02-11 16:00

Severity ?

6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

CWE

CWE-321 - Use of Hard-coded Cryptographic Key

Summary

A hardcoded key in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.3 allows a local authenticated attacker with admin privileges to read sensitive data.

References

►

URL

Tags

Impacted products

Vendor

Product

Version

►

Patch: 22.7R2.3

Patch: 22.7R1.3

Show details on NVD website

https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-13842",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-11T16:00:14.391850Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-11T16:00:24.402Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "Connect Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "status": "unaffected",
              "version": "22.7R2.3",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Policy Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "status": "unaffected",
              "version": "22.7R1.3",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA hardcoded key in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.3 allows a local authenticated attacker with admin privileges to read sensitive data.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e"
            }
          ],
          "value": "A hardcoded key in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.3 allows a local authenticated attacker with admin privileges to read sensitive data."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-37",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-37 Retrieve Embedded Sensitive Data"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-321",
              "description": "CWE-321: Use of Hard-coded Cryptographic Key",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-11T15:25:49.528Z",
        "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "shortName": "ivanti"
      },
      "references": [
        {
          "url": "https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
    "assignerShortName": "ivanti",
    "cveId": "CVE-2024-13842",
    "datePublished": "2025-02-11T15:25:49.528Z",
    "dateReserved": "2025-02-06T17:12:50.796Z",
    "dateUpdated": "2025-02-11T16:00:24.402Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-47909 (GCVE-0-2024-47909)

Vulnerability from cvelistv5

Published

2024-11-12 16:02

Modified

2024-11-19 17:10

Severity ?

4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-121 - Stack-based Buffer Overflow

Summary

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to cause a denial of service.

References

►

URL

Tags

Impacted products

Vendor

Product

Version

►

Patch: 22.7R2.3

Patch: 22.7R1.2

Show details on NVD website

https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-47909",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-19T17:10:09.490623Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T17:10:28.514Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "Connect Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "status": "unaffected",
              "version": "22.7R2.3",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Policy Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "status": "unaffected",
              "version": "22.7R1.2",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to cause a denial of service.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e"
            }
          ],
          "value": "A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to cause a denial of service."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "CWE-121: Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-12T16:02:28.451Z",
        "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "shortName": "ivanti"
      },
      "references": [
        {
          "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
    "assignerShortName": "ivanti",
    "cveId": "CVE-2024-47909",
    "datePublished": "2024-11-12T16:02:28.451Z",
    "dateReserved": "2024-10-04T19:25:07.890Z",
    "dateUpdated": "2024-11-19T17:10:28.514Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-38657 (GCVE-0-2024-38657)

Vulnerability from cvelistv5

Published

2025-02-21 01:25

Modified

2025-02-21 15:51

Severity ?

9.1 (Critical) - CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Summary

External control of a file name in Ivanti Connect Secure before version 22.7R2.4 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticated attacker with admin privileges to write arbitrary files.

References

►

URL

Tags

Impacted products

Vendor

Product

Version

►

Version: 22.7R2.4 < 22.7R2.4

Version: 22.7R1.3 < 22.7R1.3

Show details on NVD website

https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-38657",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-21T15:45:47.924803Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-73",
                "description": "CWE-73 External Control of File Name or Path",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-21T15:51:34.076Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Connect Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "lessThan": "22.7R2.4",
              "status": "affected",
              "version": "22.7R2.4",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Policy Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "lessThan": "22.7R1.3",
              "status": "affected",
              "version": "22.7R1.3",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "External control of a file name in Ivanti Connect Secure before version 22.7R2.4 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticated attacker with admin privileges to write arbitrary files."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-21T01:25:43.552Z",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "url": "https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2024-38657",
    "datePublished": "2025-02-21T01:25:43.552Z",
    "dateReserved": "2024-06-19T01:04:07.138Z",
    "dateUpdated": "2025-02-21T15:51:34.076Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-21893 (GCVE-0-2024-21893)

Vulnerability from cvelistv5

Published

2024-01-31 17:51

Modified

2025-07-30 01:37

Severity ?

8.2 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

Summary

A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication.

References

►

URL

Tags

Impacted products

Vendor

Product

Version

►

Version: 9.1R18 ≤ 9.1R18
Version: 22.6R2 ≤ 22.6R2

Version: 9.1R18 ≤ 9.1R18
Version: 22.6R1 ≤ 22.6R1

Show details on NVD website

https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:ivanti:connect_secure:9.0:-:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "connect_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "status": "affected",
                "version": "9.0"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:ivanti:connect_secure:22.6:-:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "connect_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "status": "affected",
                "version": "22.6"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:ivanti:policy_secure:22.3:r1:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "policy_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "status": "affected",
                "version": "22.3"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:ivanti:policy_secure:22.6:r1:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "policy_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "status": "affected",
                "version": "22.6"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:ivanti:policy_secure:22.5:r1:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "policy_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "status": "affected",
                "version": "22.5"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:ivanti:policy_secure:22.4:r1:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "policy_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "status": "affected",
                "version": "22.4"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:ivanti:connect_secure:22.1:r1:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "connect_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "status": "affected",
                "version": "22.1"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:ivanti:connect_secure:22.2:-:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "connect_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "status": "affected",
                "version": "22.2"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:ivanti:connect_secure:9.1:-:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "connect_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "status": "affected",
                "version": "9.1"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:ivanti:connect_secure:21.9:r1:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "connect_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "status": "affected",
                "version": "21.9"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:ivanti:connect_secure:21.12:r1:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "connect_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "status": "affected",
                "version": "21.12"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:ivanti:policy_secure:22.2:r1:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "policy_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "status": "affected",
                "version": "22.2"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:ivanti:policy_secure:22.1:r1:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "policy_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "status": "affected",
                "version": "22.1"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "policy_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "status": "affected",
                "version": "9.1"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:ivanti:connect_secure:22.4:r1:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "connect_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "status": "affected",
                "version": "22.4"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:ivanti:connect_secure:22.3:r1:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "connect_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "status": "affected",
                "version": "22.3"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:ivanti:policy_secure:9.0:-:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "policy_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "status": "affected",
                "version": "9.0"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-21893",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-02-01T05:00:07.654275Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2024-01-31",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-21893"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-918",
                "description": "CWE-918 Server-Side Request Forgery (SSRF)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-30T01:37:07.854Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2024-01-31T00:00:00+00:00",
            "value": "CVE-2024-21893 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T22:35:33.414Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "ICS",
          "vendor": "Ivanti",
          "versions": [
            {
              "lessThanOrEqual": "9.1R18",
              "status": "affected",
              "version": "9.1R18",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "22.6R2",
              "status": "affected",
              "version": "22.6R2",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "IPS",
          "vendor": "Ivanti",
          "versions": [
            {
              "lessThanOrEqual": "9.1R18",
              "status": "affected",
              "version": "9.1R18",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "22.6R1",
              "status": "affected",
              "version": "22.6R1",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
            "version": "3.0"
          }
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-31T17:51:35.095Z",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "url": "https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2024-21893",
    "datePublished": "2024-01-31T17:51:35.095Z",
    "dateReserved": "2024-01-03T01:04:06.539Z",
    "dateUpdated": "2025-07-30T01:37:07.854Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-11006 (GCVE-0-2024-11006)

Vulnerability from cvelistv5

Published

2024-11-12 16:06

Modified

2024-11-22 16:32

Severity ?

9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CWE

CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Summary

Command injection in Ivanti Connect Secure before version 22.7R2.1 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1.1 (Not Applicable to 9.1Rx) allows a remote authenticated attacker with admin privileges to achieve remote code execution.

References

►

URL

Tags

Impacted products

Vendor

Product

Version

►

Patch: 22.7R2.1

Patch: 22.7R1.1

Show details on NVD website

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44588

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:ivanti:connect_secure:22.7r2.1:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "connect_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "status": "affected",
                "version": "22.7R2.1"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:ivanti:policy_secure:22.7r1.1:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "policy_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "status": "affected",
                "version": "22.7r1.1"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-11006",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-12T19:54:21.424345Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-12T20:01:11.315Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "Connect Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "status": "unaffected",
              "version": "22.7R2.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Policy Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "status": "unaffected",
              "version": "22.7R1.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Command injection in Ivanti Connect Secure before version 22.7R2.1 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1.1 (Not Applicable to 9.1Rx) allows a remote authenticated attacker with admin privileges to achieve remote code execution."
            }
          ],
          "value": "Command injection in Ivanti Connect Secure before version 22.7R2.1 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1.1 (Not Applicable to 9.1Rx) allows a remote authenticated attacker with admin privileges to achieve remote code execution."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-248",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-248 Command Injection"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-22T16:32:34.967Z",
        "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "shortName": "ivanti"
      },
      "references": [
        {
          "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
    "assignerShortName": "ivanti",
    "cveId": "CVE-2024-11006",
    "datePublished": "2024-11-12T16:06:16.240Z",
    "dateReserved": "2024-11-07T21:56:06.635Z",
    "dateUpdated": "2024-11-22T16:32:34.967Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-8243 (GCVE-0-2020-8243)

Vulnerability from cvelistv5

Published

2020-09-29 13:44

Modified

2025-07-30 01:45

Severity ?

7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-94 - Code Injection ()

Summary

A vulnerability in the Pulse Connect Secure < 9.1R8.2 admin web interface could allow an authenticated attacker to upload custom template to perform an arbitrary code execution.

References

►

URL

Tags

x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	Pulse Connect Secre	Version: Fixed in 9.1R8.2

Show details on NVD website

https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:56:27.945Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44588"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.2,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "HIGH",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2020-8243",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-04T18:19:41.193404Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2021-11-03",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-8243"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-30T01:45:35.312Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2021-11-03T00:00:00+00:00",
            "value": "CVE-2020-8243 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Pulse Connect Secre",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Fixed in 9.1R8.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Pulse Connect Secure \u003c 9.1R8.2 admin web interface could allow an authenticated attacker to upload custom template to perform an arbitrary code execution."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-94",
              "description": "Code Injection (CWE-94)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-29T13:44:31.000Z",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44588"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "support@hackerone.com",
          "ID": "CVE-2020-8243",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Pulse Connect Secre",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Fixed in 9.1R8.2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Pulse Connect Secure \u003c 9.1R8.2 admin web interface could allow an authenticated attacker to upload custom template to perform an arbitrary code execution."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Code Injection (CWE-94)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44588",
              "refsource": "MISC",
              "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44588"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2020-8243",
    "datePublished": "2020-09-29T13:44:31.000Z",
    "dateReserved": "2020-01-28T00:00:00.000Z",
    "dateUpdated": "2025-07-30T01:45:35.312Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-13830 (GCVE-0-2024-13830)

Vulnerability from cvelistv5

Published

2025-02-11 15:22

Modified

2025-02-11 15:35

Severity ?

6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWE

CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')

Summary

Reflected XSS in Ivanti Connect Secure before version 22.7R2.6 and Ivanti Policy Secure before version 22.7R1.3 allows a remote unauthenticated attacker to obtain admin privileges. User interaction is required.

References

►

URL

Tags

Impacted products

Vendor

Product

Version

►

Patch: 22.7R2.6

Patch: 22.7R1.3

Show details on NVD website

https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-13830",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-11T15:31:52.991391Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-11T15:35:20.726Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "Connect Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "status": "unaffected",
              "version": "22.7R2.6",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Policy Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "status": "unaffected",
              "version": "22.7R1.3",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eReflected XSS in Ivanti Connect Secure before version 22.7R2.6 and Ivanti Policy Secure before version 22.7R1.3 allows a remote unauthenticated attacker to obtain admin privileges. User interaction is required.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e"
            }
          ],
          "value": "Reflected XSS in Ivanti Connect Secure before version 22.7R2.6 and Ivanti Policy Secure before version 22.7R1.3 allows a remote unauthenticated attacker to obtain admin privileges. User interaction is required."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-591",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-591 Reflected XSS"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-11T15:22:15.945Z",
        "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "shortName": "ivanti"
      },
      "references": [
        {
          "url": "https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
    "assignerShortName": "ivanti",
    "cveId": "CVE-2024-13830",
    "datePublished": "2025-02-11T15:22:15.945Z",
    "dateReserved": "2025-02-04T17:10:09.691Z",
    "dateUpdated": "2025-02-11T15:35:20.726Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-22052 (GCVE-0-2024-22052)

Vulnerability from cvelistv5

Published

2024-04-04 19:45

Modified

2024-10-03 21:40

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A null pointer dereference vulnerability in IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack

References

►

URL

Tags

Impacted products

Vendor

Product

Version

►

Version: 22.1R6.2   ≤
Version: 22.2R4.2   ≤
Version: 22.3R1.2   ≤
Version: 22.4R1.2   ≤
Version: 22.4R2.4   ≤
Version: 22.5R1.3   ≤
Version: 22.5R2.4   ≤
Version: 22.6R2.3   ≤
Version: 9.1R14.6   ≤
Version: 9.1R15.4   ≤
Version: 9.1R16.4   ≤
Version: 9.1R17.4   ≤
Version: 9.1R18.5   ≤

Version: 22.4R1.2   ≤
Version: 22.5R1.3   ≤
Version: 22.6R1.2   ≤
Version: 9.1R16.4   ≤
Version: 9.1R17.4   ≤
Version: 9.1R18.5   ≤

Show details on NVD website

https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "connect_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "status": "affected",
                "version": "9.1R18.5"
              },
              {
                "status": "affected",
                "version": "22.6R2.3"
              },
              {
                "status": "affected",
                "version": "9.1R17.4"
              },
              {
                "status": "affected",
                "version": "22.2R3"
              },
              {
                "status": "affected",
                "version": "22.5R2.4"
              },
              {
                "status": "affected",
                "version": "9.1R14.6"
              },
              {
                "status": "affected",
                "version": "9.1R15.4"
              },
              {
                "status": "affected",
                "version": "22.2R4.2"
              },
              {
                "status": "affected",
                "version": "22.4R1.2"
              },
              {
                "status": "affected",
                "version": "22.6R1.2"
              },
              {
                "status": "affected",
                "version": "22.1R6.2"
              },
              {
                "status": "affected",
                "version": "22.3R1.2"
              },
              {
                "status": "affected",
                "version": "22.4R2.4"
              },
              {
                "status": "affected",
                "version": "22.5R1.3"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "policy_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "status": "affected",
                "version": "22.5R1.3"
              },
              {
                "status": "affected",
                "version": "9.1R18.5"
              },
              {
                "status": "affected",
                "version": "9.1R17.4"
              },
              {
                "status": "affected",
                "version": "22.2R3"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "connect_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "status": "affected",
                "version": "9.1R18.5"
              },
              {
                "status": "affected",
                "version": "22.6R2.3"
              },
              {
                "status": "affected",
                "version": "9.1R17.4"
              },
              {
                "status": "affected",
                "version": "22.2R3"
              },
              {
                "status": "affected",
                "version": "22.5R2.4"
              },
              {
                "status": "affected",
                "version": "9.1R14.6"
              },
              {
                "status": "affected",
                "version": "9.1R15.4"
              },
              {
                "status": "affected",
                "version": "22.2R4.2"
              },
              {
                "status": "affected",
                "version": "22.4R1.2"
              },
              {
                "status": "affected",
                "version": "22.6R1.2"
              },
              {
                "status": "affected",
                "version": "22.1R6.2"
              },
              {
                "status": "affected",
                "version": "22.3R1.2"
              },
              {
                "status": "affected",
                "version": "22.4R2.4"
              },
              {
                "status": "affected",
                "version": "22.5R1.3"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "policy_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "status": "affected",
                "version": "22.4R1.2"
              },
              {
                "status": "affected",
                "version": "22.5R1.3"
              },
              {
                "status": "affected",
                "version": "22.6R1.2"
              },
              {
                "status": "affected",
                "version": "9.1R16.4"
              },
              {
                "status": "affected",
                "version": "9.1R17.4"
              },
              {
                "status": "affected",
                "version": "9.1R18.5"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-22052",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-05T17:35:12.496886Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-703",
                "description": "CWE-703 Improper Check or Handling of Exceptional Conditions",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-03T21:40:23.298Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T22:35:34.818Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Connect Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "lessThan": "22.1R6.2",
              "status": "affected",
              "version": "22.1R6.2",
              "versionType": "semver"
            },
            {
              "lessThan": "22.2R4.2",
              "status": "affected",
              "version": "22.2R4.2",
              "versionType": "semver"
            },
            {
              "lessThan": "22.3R1.2",
              "status": "affected",
              "version": "22.3R1.2",
              "versionType": "semver"
            },
            {
              "lessThan": "22.4R1.2",
              "status": "affected",
              "version": "22.4R1.2",
              "versionType": "semver"
            },
            {
              "lessThan": "22.4R2.4",
              "status": "affected",
              "version": "22.4R2.4",
              "versionType": "semver"
            },
            {
              "lessThan": "22.5R1.3",
              "status": "affected",
              "version": "22.5R1.3",
              "versionType": "semver"
            },
            {
              "lessThan": "22.5R2.4",
              "status": "affected",
              "version": "22.5R2.4",
              "versionType": "semver"
            },
            {
              "lessThan": "22.6R2.3",
              "status": "affected",
              "version": "22.6R2.3",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R14.6",
              "status": "affected",
              "version": "9.1R14.6",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R15.4",
              "status": "affected",
              "version": "9.1R15.4",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R16.4",
              "status": "affected",
              "version": "9.1R16.4",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R17.4",
              "status": "affected",
              "version": "9.1R17.4",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R18.5",
              "status": "affected",
              "version": "9.1R18.5",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Policy Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "lessThan": "22.4R1.2",
              "status": "affected",
              "version": "22.4R1.2",
              "versionType": "semver"
            },
            {
              "lessThan": "22.5R1.3",
              "status": "affected",
              "version": "22.5R1.3",
              "versionType": "semver"
            },
            {
              "lessThan": "22.6R1.2",
              "status": "affected",
              "version": "22.6R1.2",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R16.4",
              "status": "affected",
              "version": "9.1R16.4",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R17.4",
              "status": "affected",
              "version": "9.1R17.4",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R18.5",
              "status": "affected",
              "version": "9.1R18.5",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A null pointer dereference vulnerability in IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack "
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-04T19:45:10.169Z",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "url": "https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2024-22052",
    "datePublished": "2024-04-04T19:45:10.169Z",
    "dateReserved": "2024-01-05T01:04:06.641Z",
    "dateUpdated": "2024-10-03T21:40:23.298Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-11007 (GCVE-0-2024-11007)

Vulnerability from cvelistv5

Published

2024-11-12 16:05

Modified

2024-11-22 16:32

Severity ?

9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CWE

CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Summary

Command injection in Ivanti Connect Secure before version 22.7R2.1 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1.1 (Not Applicable to 9.1Rx) allows a remote authenticated attacker with admin privileges to achieve remote code execution.

References

►

URL

Tags

Impacted products

Vendor

Product

Version

►

Patch: 22.7R2.1

Patch: 22.7R1.1

Show details on NVD website

https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:ivanti:connect_secure:22.7r2.1:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "connect_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "status": "affected",
                "version": "22.7r2.1"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:ivanti:policy_secure:22.7r1.1:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "policy_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "status": "affected",
                "version": "22.7r1.1"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-11007",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-19T17:12:02.631664Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T17:13:24.967Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "Connect Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "status": "unaffected",
              "version": "22.7R2.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Policy Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "status": "unaffected",
              "version": "22.7R1.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Command injection in Ivanti Connect Secure before version 22.7R2.1 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1.1 (Not Applicable to 9.1Rx) allows a remote authenticated attacker with admin privileges to achieve remote code execution."
            }
          ],
          "value": "Command injection in Ivanti Connect Secure before version 22.7R2.1 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1.1 (Not Applicable to 9.1Rx) allows a remote authenticated attacker with admin privileges to achieve remote code execution."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-248",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-248 Command Injection"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-22T16:32:05.425Z",
        "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "shortName": "ivanti"
      },
      "references": [
        {
          "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
    "assignerShortName": "ivanti",
    "cveId": "CVE-2024-11007",
    "datePublished": "2024-11-12T16:05:26.487Z",
    "dateReserved": "2024-11-07T21:56:07.508Z",
    "dateUpdated": "2024-11-22T16:32:05.425Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-39712 (GCVE-0-2024-39712)

Vulnerability from cvelistv5

Published

2024-11-13 01:54

Modified

2024-12-01 18:25

Severity ?

9.1 (Critical) - CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Summary

Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti Policy Secure before version 22.7R1.1 allows a remote authenticated attacker with admin privileges to achieve remote code execution.

References

►

URL

Tags

Impacted products

Vendor

Product

Version

►

Version: 22.7R2.1 < 22.7R2.1
Version: 9.1R18.7 < 9.1R18.7

Version: 22.7R1.1 < 22.7R1.1

Show details on NVD website

https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "connect_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "lessThan": "22.7_r2.3",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "9.1_r18.7",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "policy_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "lessThan": "22.7_r1.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-39712",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T15:38:11.593771Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-88",
                "description": "CWE-88 Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T15:39:09.252Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Connect Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "lessThan": "22.7R2.1",
              "status": "affected",
              "version": "22.7R2.1",
              "versionType": "custom"
            },
            {
              "lessThan": "9.1R18.7",
              "status": "affected",
              "version": "9.1R18.7",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Policy Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "lessThan": "22.7R1.1",
              "status": "affected",
              "version": "22.7R1.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti Policy Secure before version 22.7R1.1 allows a remote authenticated attacker with admin privileges to achieve remote code execution."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-12-01T18:25:55.739Z",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2024-39712",
    "datePublished": "2024-11-13T01:54:45.518Z",
    "dateReserved": "2024-06-28T01:04:08.821Z",
    "dateUpdated": "2024-12-01T18:25:55.739Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-38656 (GCVE-0-2024-38656)

Vulnerability from cvelistv5

Published

2024-11-13 01:54

Modified

2024-12-01 18:25

Severity ?

9.1 (Critical) - CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Summary

Argument injection in Ivanti Connect Secure before version 22.7R2.2 and 9.1R18.9 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to achieve remote code execution.

References

►

URL

Tags

Impacted products

Vendor

Product

Version

►

Version: 22.7R2.2 < 22.7R2.2
Version: 9.1R18.9 < 9.1R18.9

Version: 22.7R1.2 < 22.7R1.2

Show details on NVD website

https://forums.ivanti.com/s/article/Security-patch-release-Ivanti-Policy-Secure-22-6R1

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:ivanti:connect_secure:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "connect_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "lessThan": "22.7R2.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:ivanti:connect_secure:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "connect_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "lessThan": "9.1R18.9",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:ivanti:automation:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "automation",
            "vendor": "ivanti",
            "versions": [
              {
                "lessThan": "22.7R1.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.1,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "HIGH",
              "scope": "CHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-38656",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T18:16:15.635327Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-88",
                "description": "CWE-88 Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T18:18:30.102Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Connect Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "lessThan": "22.7R2.2",
              "status": "affected",
              "version": "22.7R2.2",
              "versionType": "custom"
            },
            {
              "lessThan": "9.1R18.9",
              "status": "affected",
              "version": "9.1R18.9",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Policy Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "lessThan": "22.7R1.2",
              "status": "affected",
              "version": "22.7R1.2",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Argument injection in Ivanti Connect Secure before version 22.7R2.2 and 9.1R18.9 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to achieve remote code execution."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-12-01T18:25:55.799Z",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2024-38656",
    "datePublished": "2024-11-13T01:54:45.445Z",
    "dateReserved": "2024-06-19T01:04:07.138Z",
    "dateUpdated": "2024-12-01T18:25:55.799Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-39339 (GCVE-0-2023-39339)

Vulnerability from cvelistv5

Published

2025-07-12 03:31

Modified

2025-07-14 16:08

Severity ?

4.9 (Medium) - CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Summary

A vulnerability exists on all versions of Ivanti Policy Secure below 22.6R1 where an authenticated administrator can perform an arbitrary file read via a maliciously crafted web request.

References

►

URL

Tags

Impacted products

	Vendor	Product	Version
	Ivanti	Policy Secure	Version: 22.6R1 < 22.6R1

Show details on NVD website

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-39339",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-14T16:05:42.219635Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-22",
                "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-14T16:08:15.813Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Policy Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "lessThan": "22.6R1",
              "status": "affected",
              "version": "22.6R1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability exists on all versions of Ivanti Policy Secure below 22.6R1 where an authenticated administrator can perform an arbitrary file read via a maliciously crafted web request."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          }
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-12T03:31:11.142Z",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "url": "https://forums.ivanti.com/s/article/Security-patch-release-Ivanti-Policy-Secure-22-6R1"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2023-39339",
    "datePublished": "2025-07-12T03:31:11.142Z",
    "dateReserved": "2023-07-28T01:00:12.351Z",
    "dateUpdated": "2025-07-14T16:08:15.813Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-8220 (GCVE-0-2020-8220)

Vulnerability from cvelistv5

Published

2020-07-30 12:53

Modified

2024-08-04 09:56

Severity ?

CWE

CWE-400 - Denial of Service ()

Summary

A denial of service vulnerability exists in Pulse Connect Secure <9.1R8 that allows an authenticated attacker to perform command injection via the administrator web which can cause DOS.

References

►

URL

Tags

x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	Pulse Connect Secure	Version: Fixed in 9.1R8

Show details on NVD website

https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:56:27.763Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Pulse Connect Secure",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Fixed in 9.1R8"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A denial of service vulnerability exists in Pulse Connect Secure \u003c9.1R8 that allows an authenticated attacker to perform command injection via the administrator web which can cause DOS."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "Denial of Service (CWE-400)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-30T12:53:02",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "support@hackerone.com",
          "ID": "CVE-2020-8220",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Pulse Connect Secure",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Fixed in 9.1R8"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A denial of service vulnerability exists in Pulse Connect Secure \u003c9.1R8 that allows an authenticated attacker to perform command injection via the administrator web which can cause DOS."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Denial of Service (CWE-400)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516",
              "refsource": "MISC",
              "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2020-8220",
    "datePublished": "2020-07-30T12:53:02",
    "dateReserved": "2020-01-28T00:00:00",
    "dateUpdated": "2024-08-04T09:56:27.763Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-47906 (GCVE-0-2024-47906)

Vulnerability from cvelistv5

Published

2024-11-12 15:59

Modified

2024-11-22 16:31

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-267 - Privilege Defined With Unsafe Actions
CWE-426 - Untrusted Search Path

Summary

Excessive binary privileges in Ivanti Connect Secure before version 22.7R2.3 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1.2 (Not Applicable to 9.1Rx) allows a local authenticated attacker to escalate privileges.

References

►

URL

Tags

Impacted products

Vendor

Product

Version

►

Version: 22.4R2 <
Patch: 22.7R2.3

Patch: 22.7R1.2

Show details on NVD website

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "connect_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "lessThanOrEqual": "22.7r2.2",
                "status": "affected",
                "version": "22.4r2",
                "versionType": "custom"
              },
              {
                "status": "affected",
                "version": "22.7r2.3"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "policy_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "status": "affected",
                "version": "22.7r1.2"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-47906",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-19T17:05:21.868816Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T17:09:52.201Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Connect Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "lessThanOrEqual": "22.7R2.2",
              "status": "affected",
              "version": "22.4R2",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "22.7R2.3",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Policy Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "status": "unaffected",
              "version": "22.7R1.2",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Excessive binary privileges in Ivanti Connect Secure before version 22.7R2.3 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1.2 (Not Applicable to 9.1Rx) allows a local authenticated attacker to escalate privileges."
            }
          ],
          "value": "Excessive binary privileges in Ivanti Connect Secure before version 22.7R2.3 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1.2 (Not Applicable to 9.1Rx) allows a local authenticated attacker to escalate privileges."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-233",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-233 Privilege Escalation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-267",
              "description": "CWE-267: Privilege Defined With Unsafe Actions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-426",
              "description": "CWE-426 Untrusted Search Path",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-22T16:31:00.963Z",
        "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "shortName": "ivanti"
      },
      "references": [
        {
          "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
    "assignerShortName": "ivanti",
    "cveId": "CVE-2024-47906",
    "datePublished": "2024-11-12T15:59:53.269Z",
    "dateReserved": "2024-10-04T19:25:07.889Z",
    "dateUpdated": "2024-11-22T16:31:00.963Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-8206 (GCVE-0-2020-8206)

Vulnerability from cvelistv5

Published

2020-07-30 12:53

Modified

2024-08-04 09:56

Severity ?

CWE

CWE-287 - Improper Authentication - Generic ()

Summary

An improper authentication vulnerability exists in Pulse Connect Secure <9.1RB that allows an attacker with a users primary credentials to bypass the Google TOTP.

References

►

URL

Tags

x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	Pulse Connect Secure	Version: Fixed in 9.1R8

Show details on NVD website

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:56:27.638Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Pulse Connect Secure",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Fixed in 9.1R8"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An improper authentication vulnerability exists in Pulse Connect Secure \u003c9.1RB that allows an attacker with a users primary credentials to bypass the Google TOTP."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-287",
              "description": "Improper Authentication - Generic (CWE-287)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-30T12:53:02",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "support@hackerone.com",
          "ID": "CVE-2020-8206",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Pulse Connect Secure",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Fixed in 9.1R8"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An improper authentication vulnerability exists in Pulse Connect Secure \u003c9.1RB that allows an attacker with a users primary credentials to bypass the Google TOTP."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Improper Authentication - Generic (CWE-287)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516",
              "refsource": "MISC",
              "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2020-8206",
    "datePublished": "2020-07-30T12:53:02",
    "dateReserved": "2020-01-28T00:00:00",
    "dateUpdated": "2024-08-04T09:56:27.638Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-8222 (GCVE-0-2020-8222)

Vulnerability from cvelistv5

Published

2020-07-30 12:53

Modified

2024-08-04 09:56

Severity ?

CWE

CWE-22 - Path Traversal ()

Summary

A path traversal vulnerability exists in Pulse Connect Secure <9.1R8 that allowed an authenticated attacker via the administrator web interface to perform an arbitrary file reading vulnerability through Meeting.

References

►

URL

Tags

x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	Pulse Connect Secure	Version: Fixed in 9.1R8

Show details on NVD website

https://forums.ivanti.com/s/article/July-Security-Advisory-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Multiple-CVEs

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:56:27.511Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Pulse Connect Secure",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Fixed in 9.1R8"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A path traversal vulnerability exists in Pulse Connect Secure \u003c9.1R8 that allowed an authenticated attacker via the administrator web interface to perform an arbitrary file reading vulnerability through Meeting."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "Path Traversal (CWE-22)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-30T12:53:02",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "support@hackerone.com",
          "ID": "CVE-2020-8222",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Pulse Connect Secure",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Fixed in 9.1R8"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A path traversal vulnerability exists in Pulse Connect Secure \u003c9.1R8 that allowed an authenticated attacker via the administrator web interface to perform an arbitrary file reading vulnerability through Meeting."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Path Traversal (CWE-22)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516",
              "refsource": "MISC",
              "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2020-8222",
    "datePublished": "2020-07-30T12:53:02",
    "dateReserved": "2020-01-28T00:00:00",
    "dateUpdated": "2024-08-04T09:56:27.511Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-0292 (GCVE-0-2025-0292)

Vulnerability from cvelistv5

Published

2025-07-08 15:33

Modified

2025-07-09 20:48

Severity ?

5.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N

CWE

CWE-918 - Server-Side Request Forgery (SSRF)

Summary

SSRF in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a remote authenticated attacker with admin rights to access internal network services.

References

►

URL

Tags

Impacted products

Vendor

Product

Version

►

Patch: 22.7R2.8

Patch: 22.7R1.5

Show details on NVD website

https://forums.ivanti.com/s/article/December-2024-Security-Advisory-Ivanti-Connect-Secure-ICS-and-Ivanti-Policy-Secure-IPS-Multiple-CVEs

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-0292",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-09T20:48:02.667968Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-09T20:48:09.166Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "Connect Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "status": "unaffected",
              "version": "22.7R2.8",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Policy Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "status": "unaffected",
              "version": "22.7R1.5",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eS\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSRF\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e in \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIvanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5\u003c/span\u003e \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eallows \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ea remote authenticated attacker\u003c/span\u003e \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ewith admin rights to \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eaccess internal network services.\u003c/span\u003e"
            }
          ],
          "value": "SSRF in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a remote authenticated attacker with admin rights to access internal network services."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-664",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-664 Server Side Request Forgery"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-918",
              "description": "CWE-918 Server-Side Request Forgery (SSRF)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-08T15:33:24.245Z",
        "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "shortName": "ivanti"
      },
      "references": [
        {
          "url": "https://forums.ivanti.com/s/article/July-Security-Advisory-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Multiple-CVEs"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
    "assignerShortName": "ivanti",
    "cveId": "CVE-2025-0292",
    "datePublished": "2025-07-08T15:33:24.245Z",
    "dateReserved": "2025-01-07T02:19:30.640Z",
    "dateUpdated": "2025-07-09T20:48:09.166Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-37377 (GCVE-0-2024-37377)

Vulnerability from cvelistv5

Published

2024-12-11 18:52

Modified

2024-12-12 14:46

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A heap-based buffer overflow in IPsec of Ivanti Connect Secure before version 22.7R2.3 allows a remote unauthenticated attacker to cause a denial of service.

References

►

URL

Tags

Impacted products

	Vendor	Product	Version
	Ivanti	Connect Secure	Version: 22.7R2.3 < 22.7R2.3

Show details on NVD website

https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-37377",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-12T14:44:57.587571Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-787",
                "description": "CWE-787 Out-of-bounds Write",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-12T14:46:24.352Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Connect Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "lessThan": "22.7R2.3",
              "status": "affected",
              "version": "22.7R2.3",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A heap-based buffer overflow in IPsec of Ivanti Connect Secure before version 22.7R2.3 allows a remote unauthenticated attacker to cause a denial of service."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-12-11T18:52:27.462Z",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "url": "https://forums.ivanti.com/s/article/December-2024-Security-Advisory-Ivanti-Connect-Secure-ICS-and-Ivanti-Policy-Secure-IPS-Multiple-CVEs"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2024-37377",
    "datePublished": "2024-12-11T18:52:27.462Z",
    "dateReserved": "2024-06-07T01:04:06.870Z",
    "dateUpdated": "2024-12-12T14:46:24.352Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-21888 (GCVE-0-2024-21888)

Vulnerability from cvelistv5

Published

2024-01-31 17:51

Modified

2025-06-03 18:46

Severity ?

8.8 (High) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

A privilege escalation vulnerability in web component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows a user to elevate privileges to that of an administrator.

References

►

URL

Tags

Impacted products

Vendor

Product

Version

►

Version: 9.1R18 ≤ 9.1R18
Version: 22.6R2 ≤ 22.6R2

Version: 9.1R18 ≤ 9.1R18
Version: 22.6R1 ≤ 22.6R1

Show details on NVD website

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:ivanti:connect_secure:9.0:-:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "connect_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "lessThan": "10.0",
                "status": "affected",
                "version": "9.0",
                "versionType": "semver"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:ivanti:connect_secure:22.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "connect_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "lessThan": "23.0",
                "status": "affected",
                "version": "22.0",
                "versionType": "semver"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:ivanti:policy_secure:22.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "policy_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "lessThan": "23.0",
                "status": "affected",
                "version": "22.0",
                "versionType": "semver"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:ivanti:policy_secure:9.0:-:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "policy_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "lessThan": "10.0",
                "status": "affected",
                "version": "9.0",
                "versionType": "semver"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-21888",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "No"
                  },
                  {
                    "Technical Impact": "Total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-23T17:43:32.387135Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-269",
                "description": "CWE-269 Improper Privilege Management",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-03T18:46:20.638Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T22:35:33.407Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "ICS",
          "vendor": "Ivanti",
          "versions": [
            {
              "lessThanOrEqual": "9.1R18",
              "status": "affected",
              "version": "9.1R18",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "22.6R2",
              "status": "affected",
              "version": "22.6R2",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "IPS",
          "vendor": "Ivanti",
          "versions": [
            {
              "lessThanOrEqual": "9.1R18",
              "status": "affected",
              "version": "9.1R18",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "22.6R1",
              "status": "affected",
              "version": "22.6R1",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A privilege escalation vulnerability in web component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows a user to elevate privileges to that of an administrator. "
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-31T17:51:34.941Z",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "url": "https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2024-21888",
    "datePublished": "2024-01-31T17:51:34.941Z",
    "dateReserved": "2024-01-03T01:04:06.538Z",
    "dateUpdated": "2025-06-03T18:46:20.638Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-15352 (GCVE-0-2020-15352)

Vulnerability from cvelistv5

Published

2020-10-27 04:10

Modified

2024-08-04 13:15

Severity ?

CWE

n/a

Summary

An XML external entity (XXE) vulnerability in Pulse Connect Secure (PCS) before 9.1R9 and Pulse Policy Secure (PPS) before 9.1R9 allows remote authenticated admins to conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request.

References

►

URL

Tags

x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T13:15:20.466Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An XML external entity (XXE) vulnerability in Pulse Connect Secure (PCS) before 9.1R9 and Pulse Policy Secure (PPS) before 9.1R9 allows remote authenticated admins to conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-27T04:10:54",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-15352",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An XML external entity (XXE) vulnerability in Pulse Connect Secure (PCS) before 9.1R9 and Pulse Policy Secure (PPS) before 9.1R9 allows remote authenticated admins to conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601",
              "refsource": "MISC",
              "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-15352",
    "datePublished": "2020-10-27T04:10:54",
    "dateReserved": "2020-06-26T00:00:00",
    "dateUpdated": "2024-08-04T13:15:20.466Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-8221 (GCVE-0-2020-8221)

Vulnerability from cvelistv5

Published

2020-07-30 12:53

Modified

2024-08-04 09:56

Severity ?

CWE

CWE-22 - Path Traversal ()

Summary

A path traversal vulnerability exists in Pulse Connect Secure <9.1R8 which allows an authenticated attacker to read arbitrary files via the administrator web interface.

References

►

URL

Tags

x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	Pulse Connect Secure	Version: Fixed in

Show details on NVD website

https://forums.ivanti.com/s/article/July-Security-Advisory-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Multiple-CVEs

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:56:27.888Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Pulse Connect Secure",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Fixed in"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A path traversal vulnerability exists in Pulse Connect Secure \u003c9.1R8 which allows an authenticated attacker to read arbitrary files via the administrator web interface."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "Path Traversal (CWE-22)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-30T12:53:02",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "support@hackerone.com",
          "ID": "CVE-2020-8221",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Pulse Connect Secure",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Fixed in"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A path traversal vulnerability exists in Pulse Connect Secure \u003c9.1R8 which allows an authenticated attacker to read arbitrary files via the administrator web interface."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Path Traversal (CWE-22)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516",
              "refsource": "MISC",
              "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2020-8221",
    "datePublished": "2020-07-30T12:53:02",
    "dateReserved": "2020-01-28T00:00:00",
    "dateUpdated": "2024-08-04T09:56:27.888Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-5450 (GCVE-0-2025-5450)

Vulnerability from cvelistv5

Published

2025-07-08 15:00

Modified

2025-07-08 20:42

Severity ?

6.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

CWE

CWE-602 - Client-Side Enforcement of Server-Side Security

Summary

Improper access control in the certificate management component of Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a remote authenticated admin with read-only rights to modify settings that should be restricted.

References

►

URL

Tags

Impacted products

Vendor

Product

Version

►

Patch: 22.7R2.8

Patch: 22.7R1.5

Show details on NVD website

https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-5450",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-08T20:42:50.659103Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-08T20:42:58.412Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "Connect Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "status": "unaffected",
              "version": "22.7R2.8",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Policy Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "status": "unaffected",
              "version": "22.7R1.5",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eImproper access control in the certificate management component of Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a remote authenticated admin with read-only rights to modify settings that should be restricted.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e"
            }
          ],
          "value": "Improper access control in the certificate management component of Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a remote authenticated admin with read-only rights to modify settings that should be restricted."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-1",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-602",
              "description": "CWE-602: Client-Side Enforcement of Server-Side Security",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-08T15:00:02.314Z",
        "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "shortName": "ivanti"
      },
      "references": [
        {
          "url": "https://forums.ivanti.com/s/article/July-Security-Advisory-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Multiple-CVEs"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
    "assignerShortName": "ivanti",
    "cveId": "CVE-2025-5450",
    "datePublished": "2025-07-08T15:00:02.314Z",
    "dateReserved": "2025-06-02T07:20:09.117Z",
    "dateUpdated": "2025-07-08T20:42:58.412Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-8495 (GCVE-0-2024-8495)

Vulnerability from cvelistv5

Published

2024-11-12 16:04

Modified

2024-11-19 17:11

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-476 - NULL Pointer Dereference

Summary

A null pointer dereference in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure before version 22.7R1.1 allows a remote unauthenticated attacker to cause a denial of service.

References

►

URL

Tags

Impacted products

Vendor

Product

Version

►

Patch: 22.7R2.1

Patch: 22.7R1.1

Show details on NVD website

https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:ivanti:connect_secure:22.7r2.1:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "connect_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "status": "affected",
                "version": "22.7r2.1"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:ivanti:policy_secure:22.7r1.1:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "policy_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "status": "affected",
                "version": "22.7r1.1"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-8495",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-19T17:10:46.759373Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T17:11:47.014Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "Connect Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "status": "unaffected",
              "version": "22.7R2.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Policy Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "status": "unaffected",
              "version": "22.7R1.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA null pointer dereference in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure before version 22.7R1.1 allows a remote unauthenticated attacker to cause a denial of service.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e"
            }
          ],
          "value": "A null pointer dereference in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure before version 22.7R1.1 allows a remote unauthenticated attacker to cause a denial of service."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-129",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-129 Pointer Manipulation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "CWE-476 NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-12T16:04:41.257Z",
        "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "shortName": "ivanti"
      },
      "references": [
        {
          "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
    "assignerShortName": "ivanti",
    "cveId": "CVE-2024-8495",
    "datePublished": "2024-11-12T16:04:41.257Z",
    "dateReserved": "2024-09-05T18:16:58.816Z",
    "dateUpdated": "2024-11-19T17:11:47.014Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-38655 (GCVE-0-2024-38655)

Vulnerability from cvelistv5

Published

2024-11-13 01:54

Modified

2024-11-23 21:06

Severity ?

9.1 (Critical) - CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Summary

Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.9 and Ivanti Policy Secure before version 22.7R1.1 and 9.1R18.9 allows a remote authenticated attacker with admin privileges to achieve remote code execution.

References

►

URL

Tags

Impacted products

Vendor

Product

Version

►

Version: 22.7R2.1 < 22.7R2.1
Version: 9.1R18.9 < 9.1R18.9

Version: 22.7R1.1 < 22.7R1.1
Version: 9.1R18.9 < 9.1R18.9

Show details on NVD website

https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "connect_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "lessThan": "22.7_r2.3",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "policy_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "lessThan": "22.7_r1.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-38655",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T15:36:18.124138Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-88",
                "description": "CWE-88 Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T15:37:13.168Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Connect Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "lessThan": "22.7R2.1",
              "status": "affected",
              "version": "22.7R2.1",
              "versionType": "custom"
            },
            {
              "lessThan": "9.1R18.9",
              "status": "affected",
              "version": "9.1R18.9",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Policy Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "lessThan": "22.7R1.1",
              "status": "affected",
              "version": "22.7R1.1",
              "versionType": "custom"
            },
            {
              "lessThan": "9.1R18.9",
              "status": "affected",
              "version": "9.1R18.9",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.9 and Ivanti Policy Secure before version 22.7R1.1 and 9.1R18.9 allows a remote authenticated attacker with admin privileges to achieve remote code execution."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-23T21:06:07.435Z",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2024-38655",
    "datePublished": "2024-11-13T01:54:45.595Z",
    "dateReserved": "2024-06-19T01:04:07.138Z",
    "dateUpdated": "2024-11-23T21:06:07.435Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-11005 (GCVE-0-2024-11005)

Vulnerability from cvelistv5

Published

2024-11-12 16:07

Modified

2024-11-22 16:33

Severity ?

9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CWE

CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Summary

Command injection in Ivanti Connect Secure before version 22.7R2.1 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1.1 (Not Applicable to 9.1Rx) allows a remote authenticated attacker with admin privileges to achieve remote code execution.

References

►

URL

Tags

Impacted products

Vendor

Product

Version

►

Patch: 22.7R2.1

Patch: 22.7R1.1

Show details on NVD website

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:ivanti:connect_secure:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "connect_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "status": "affected",
                "version": "22.7R2.1"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "policy_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "status": "affected",
                "version": "22.7R1.1"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-11005",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-12T18:29:40.876421Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-12T18:30:35.957Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "Connect Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "status": "unaffected",
              "version": "22.7R2.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Policy Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "status": "unaffected",
              "version": "22.7R1.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Command injection in Ivanti Connect Secure before version 22.7R2.1 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1.1 (Not Applicable to 9.1Rx) allows a remote authenticated attacker with admin privileges to achieve remote code execution."
            }
          ],
          "value": "Command injection in Ivanti Connect Secure before version 22.7R2.1 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1.1 (Not Applicable to 9.1Rx) allows a remote authenticated attacker with admin privileges to achieve remote code execution."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-248",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-248 Command Injection"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-22T16:33:10.013Z",
        "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "shortName": "ivanti"
      },
      "references": [
        {
          "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
    "assignerShortName": "ivanti",
    "cveId": "CVE-2024-11005",
    "datePublished": "2024-11-12T16:07:45.350Z",
    "dateReserved": "2024-11-07T21:56:05.756Z",
    "dateUpdated": "2024-11-22T16:33:10.013Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-8262 (GCVE-0-2020-8262)

Vulnerability from cvelistv5

Published

2020-10-28 12:47

Modified

2024-08-04 09:56

Severity ?

CWE

CWE-79 - Cross-site Scripting (XSS) - Reflected ()

Summary

A vulnerability in the Pulse Connect Secure / Pulse Policy Secure below 9.1R9 could allow attackers to conduct Cross-Site Scripting (XSS) and Open Redirection for authenticated user web interface.

References

►

URL

Tags

x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	Pulse Connect Secure / Pulse Policy Secure	Version: Fixed in 9.1R9

Show details on NVD website

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA45520/?kA23Z000000GH5OSAW

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:56:28.075Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Pulse Connect Secure / Pulse Policy Secure",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Fixed in 9.1R9"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Pulse Connect Secure / Pulse Policy Secure below 9.1R9 could allow attackers to conduct Cross-Site Scripting (XSS) and Open Redirection for authenticated user web interface."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "Cross-site Scripting (XSS) - Reflected (CWE-79)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-28T12:47:55",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "support@hackerone.com",
          "ID": "CVE-2020-8262",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Pulse Connect Secure / Pulse Policy Secure",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Fixed in 9.1R9"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Pulse Connect Secure / Pulse Policy Secure below 9.1R9 could allow attackers to conduct Cross-Site Scripting (XSS) and Open Redirection for authenticated user web interface."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Cross-site Scripting (XSS) - Reflected (CWE-79)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601",
              "refsource": "MISC",
              "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2020-8262",
    "datePublished": "2020-10-28T12:47:55",
    "dateReserved": "2020-01-28T00:00:00",
    "dateUpdated": "2024-08-04T09:56:28.075Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-35258 (GCVE-0-2022-35258)

Vulnerability from cvelistv5

Published

2022-12-05 00:00

Modified

2024-08-03 09:29

Severity ?

CWE

CWE-128 - Wrap-around Error ()

Summary

An unauthenticated attacker can cause a denial-of-service to the following products: Ivanti Connect Secure (ICS) in versions prior to 9.1R14.3, 9.1R15.2, 9.1R16.2, and 22.2R4, Ivanti Policy Secure (IPS) in versions prior to 9.1R17 and 22.3R1, and Ivanti Neurons for Zero-Trust Access in versions prior to 22.3R1.

References

►

URL

Tags

Impacted products

	Vendor	Product	Version
	n/a	Ivanti Connect Secure (ICS), Ivanti Policy Secure (IPS), and Ivanti Neurons for Zero Trust Access Gateway	Version: ICS Prior to 9.1R14.3,9.1R15.2,9.1R16.2 and 22.2R4, IPS Prior to 9.1R17 and 22.3R1, Ivanti Neurons for Zero Trust Access Gateway Prior to 22.3R1

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T09:29:17.434Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA45520/?kA23Z000000GH5OSAW"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Ivanti Connect Secure (ICS), Ivanti Policy Secure (IPS), and Ivanti Neurons for Zero Trust Access Gateway",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "ICS Prior to 9.1R14.3,9.1R15.2,9.1R16.2 and 22.2R4, IPS Prior to 9.1R17 and 22.3R1, Ivanti Neurons for Zero Trust Access Gateway Prior to 22.3R1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An unauthenticated attacker can cause a denial-of-service to the following products: Ivanti Connect Secure (ICS) in versions prior to 9.1R14.3, 9.1R15.2, 9.1R16.2, and 22.2R4, Ivanti Policy Secure (IPS) in versions prior to 9.1R17 and 22.3R1, and Ivanti Neurons for Zero-Trust Access in versions prior to 22.3R1."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-128",
              "description": "Wrap-around Error (CWE-128)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-12-05T00:00:00",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA45520/?kA23Z000000GH5OSAW"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2022-35258",
    "datePublished": "2022-12-05T00:00:00",
    "dateReserved": "2022-07-06T00:00:00",
    "dateUpdated": "2024-08-03T09:29:17.434Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-11539 (GCVE-0-2019-11539)

Vulnerability from cvelistv5

Published

2019-04-26 01:39

Modified

2025-07-30 01:46

Severity ?

8.0 (High) - CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CWE

n/a

Summary

In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.2RX before 8.2R12.1, and 8.1RX before 8.1R15.1 and Pulse Policy Secure version 9.0RX before 9.0R3.2, 5.4RX before 5.4R7.1, 5.3RX before 5.3R12.1, 5.2RX before 5.2R12.1, and 5.1RX before 5.1R15.1, the admin web interface allows an authenticated attacker to inject and execute commands.

References

►

URL

Tags

	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/108073	vdb-entry, x_refsource_BID
	https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0010	x_refsource_CONFIRM
	https://i.blackhat.com/USA-19/Wednesday/us-19-Tsai-Infiltrating-Corporate-Intranet-Like-NSA.pdf	x_refsource_MISC
	http://packetstormsecurity.com/files/154376/Pulse-Secure-8.1R15.1-8.2-8.3-9.0-SSL-VPN-Remote-Code-Execution.html	x_refsource_MISC
	https://devco.re/blog/2019/09/02/attacking-ssl-vpn-part-3-the-golden-Pulse-Secure-ssl-vpn-rce-chain-with-Twitter-as-case-study/	x_refsource_MISC
	https://www.kb.cert.org/vuls/id/927237	third-party-advisory, x_refsource_CERT-VN
	http://packetstormsecurity.com/files/155277/Pulse-Secure-VPN-Arbitrary-Command-Execution.html	x_refsource_MISC
	http://packetstormsecurity.com/files/162092/Pulse-Secure-VPN-Arbitrary-Command-Execution.html	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

https://forums.ivanti.com/s/article/July-Security-Advisory-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Multiple-CVEs

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:55:40.818Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101"
          },
          {
            "name": "108073",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108073"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0010"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://i.blackhat.com/USA-19/Wednesday/us-19-Tsai-Infiltrating-Corporate-Intranet-Like-NSA.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/154376/Pulse-Secure-8.1R15.1-8.2-8.3-9.0-SSL-VPN-Remote-Code-Execution.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://devco.re/blog/2019/09/02/attacking-ssl-vpn-part-3-the-golden-Pulse-Secure-ssl-vpn-rce-chain-with-Twitter-as-case-study/"
          },
          {
            "name": "VU#927237",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "https://www.kb.cert.org/vuls/id/927237"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/155277/Pulse-Secure-VPN-Arbitrary-Command-Execution.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/162092/Pulse-Secure-VPN-Arbitrary-Command-Execution.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-11539",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-03T15:40:52.619006Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2021-11-03",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-11539"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-78",
                "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-30T01:46:04.644Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2021-11-03T00:00:00+00:00",
            "value": "CVE-2019-11539 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.2RX before 8.2R12.1, and 8.1RX before 8.1R15.1 and Pulse Policy Secure version 9.0RX before 9.0R3.2, 5.4RX before 5.4R7.1, 5.3RX before 5.3R12.1, 5.2RX before 5.2R12.1, and 5.1RX before 5.1R15.1, the admin web interface allows an authenticated attacker to inject and execute commands."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AC:H/AV:N/A:H/C:H/I:H/PR:H/S:C/UI:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-04-06T15:06:16.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101"
        },
        {
          "name": "108073",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108073"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0010"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://i.blackhat.com/USA-19/Wednesday/us-19-Tsai-Infiltrating-Corporate-Intranet-Like-NSA.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/154376/Pulse-Secure-8.1R15.1-8.2-8.3-9.0-SSL-VPN-Remote-Code-Execution.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://devco.re/blog/2019/09/02/attacking-ssl-vpn-part-3-the-golden-Pulse-Secure-ssl-vpn-rce-chain-with-Twitter-as-case-study/"
        },
        {
          "name": "VU#927237",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "https://www.kb.cert.org/vuls/id/927237"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/155277/Pulse-Secure-VPN-Arbitrary-Command-Execution.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/162092/Pulse-Secure-VPN-Arbitrary-Command-Execution.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-11539",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.2RX before 8.2R12.1, and 8.1RX before 8.1R15.1 and Pulse Policy Secure version 9.0RX before 9.0R3.2, 5.4RX before 5.4R7.1, 5.3RX before 5.3R12.1, 5.2RX before 5.2R12.1, and 5.1RX before 5.1R15.1, the admin web interface allows an authenticated attacker to inject and execute commands."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AC:H/AV:N/A:H/C:H/I:H/PR:H/S:C/UI:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101",
              "refsource": "CONFIRM",
              "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101"
            },
            {
              "name": "108073",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108073"
            },
            {
              "name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0010",
              "refsource": "CONFIRM",
              "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0010"
            },
            {
              "name": "https://i.blackhat.com/USA-19/Wednesday/us-19-Tsai-Infiltrating-Corporate-Intranet-Like-NSA.pdf",
              "refsource": "MISC",
              "url": "https://i.blackhat.com/USA-19/Wednesday/us-19-Tsai-Infiltrating-Corporate-Intranet-Like-NSA.pdf"
            },
            {
              "name": "http://packetstormsecurity.com/files/154376/Pulse-Secure-8.1R15.1-8.2-8.3-9.0-SSL-VPN-Remote-Code-Execution.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/154376/Pulse-Secure-8.1R15.1-8.2-8.3-9.0-SSL-VPN-Remote-Code-Execution.html"
            },
            {
              "name": "https://devco.re/blog/2019/09/02/attacking-ssl-vpn-part-3-the-golden-Pulse-Secure-ssl-vpn-rce-chain-with-Twitter-as-case-study/",
              "refsource": "MISC",
              "url": "https://devco.re/blog/2019/09/02/attacking-ssl-vpn-part-3-the-golden-Pulse-Secure-ssl-vpn-rce-chain-with-Twitter-as-case-study/"
            },
            {
              "name": "VU#927237",
              "refsource": "CERT-VN",
              "url": "https://www.kb.cert.org/vuls/id/927237"
            },
            {
              "name": "http://packetstormsecurity.com/files/155277/Pulse-Secure-VPN-Arbitrary-Command-Execution.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/155277/Pulse-Secure-VPN-Arbitrary-Command-Execution.html"
            },
            {
              "name": "http://packetstormsecurity.com/files/162092/Pulse-Secure-VPN-Arbitrary-Command-Execution.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/162092/Pulse-Secure-VPN-Arbitrary-Command-Execution.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-11539",
    "datePublished": "2019-04-26T01:39:36.000Z",
    "dateReserved": "2019-04-25T00:00:00.000Z",
    "dateUpdated": "2025-07-30T01:46:04.644Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-5463 (GCVE-0-2025-5463)

Vulnerability from cvelistv5

Published

2025-07-08 15:02

Modified

2025-07-08 20:39

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE

CWE-532 - Insertion of Sensitive Information into Log File

Summary

Insertion of sensitive information into a log file in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a local authenticated attacker to obtain that information.

References

►

URL

Tags

Impacted products

Vendor

Product

Version

►

Patch: 22.7R2.8

Patch: 22.7R1.5

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-5463",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-08T20:39:21.910849Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-08T20:39:29.302Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "Connect Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "status": "unaffected",
              "version": "22.7R2.8",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Policy Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "status": "unaffected",
              "version": "22.7R1.5",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eInsertion of sensitive information into a log file in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a local authenticated attacker to obtain that information.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e"
            }
          ],
          "value": "Insertion of sensitive information into a log file in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a local authenticated attacker to obtain that information."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-37",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-37 Retrieve Embedded Sensitive Data"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-532",
              "description": "CWE-532 Insertion of Sensitive Information into Log File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-08T15:02:38.657Z",
        "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "shortName": "ivanti"
      },
      "references": [
        {
          "url": "https://forums.ivanti.com/s/article/July-Security-Advisory-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Multiple-CVEs"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
    "assignerShortName": "ivanti",
    "cveId": "CVE-2025-5463",
    "datePublished": "2025-07-08T15:02:38.657Z",
    "dateReserved": "2025-06-02T10:54:07.286Z",
    "dateUpdated": "2025-07-08T20:39:29.302Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-8218 (GCVE-0-2020-8218)

Vulnerability from cvelistv5

Published

2020-07-30 12:53

Modified

2025-07-30 01:45

Severity ?

7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-94 - Code Injection ()

Summary

A code injection vulnerability exists in Pulse Connect Secure <9.1R8 that allows an attacker to crafted a URI to perform an arbitrary code execution via the admin web interface.

References

►

URL

Tags

	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516	x_refsource_MISC
	https://www.gosecure.net/blog/2020/11/13/forget-your-perimeter-part-2-four-vulnerabilities-in-pulse-connect-secure/	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	Pulse Connect Secure	Version: Fixed in 9.1R8

Show details on NVD website

https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:56:27.483Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.gosecure.net/blog/2020/11/13/forget-your-perimeter-part-2-four-vulnerabilities-in-pulse-connect-secure/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.2,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "HIGH",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2020-8218",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-04T18:20:41.248153Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2022-03-07",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-8218"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-30T01:45:37.293Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2022-03-07T00:00:00+00:00",
            "value": "CVE-2020-8218 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Pulse Connect Secure",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Fixed in 9.1R8"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A code injection vulnerability exists in Pulse Connect Secure \u003c9.1R8 that allows an attacker to crafted a URI to perform an arbitrary code execution via the admin web interface."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-94",
              "description": "Code Injection (CWE-94)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-08-01T14:27:42.000Z",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.gosecure.net/blog/2020/11/13/forget-your-perimeter-part-2-four-vulnerabilities-in-pulse-connect-secure/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "support@hackerone.com",
          "ID": "CVE-2020-8218",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Pulse Connect Secure",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Fixed in 9.1R8"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A code injection vulnerability exists in Pulse Connect Secure \u003c9.1R8 that allows an attacker to crafted a URI to perform an arbitrary code execution via the admin web interface."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Code Injection (CWE-94)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516",
              "refsource": "MISC",
              "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
            },
            {
              "name": "https://www.gosecure.net/blog/2020/11/13/forget-your-perimeter-part-2-four-vulnerabilities-in-pulse-connect-secure/",
              "refsource": "MISC",
              "url": "https://www.gosecure.net/blog/2020/11/13/forget-your-perimeter-part-2-four-vulnerabilities-in-pulse-connect-secure/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2020-8218",
    "datePublished": "2020-07-30T12:53:02.000Z",
    "dateReserved": "2020-01-28T00:00:00.000Z",
    "dateUpdated": "2025-07-30T01:45:37.293Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-39711 (GCVE-0-2024-39711)

Vulnerability from cvelistv5

Published

2024-11-13 01:54

Modified

2024-12-01 18:25

Severity ?

9.1 (Critical) - CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Summary

Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti Policy Secure before version 22.7R1.1 allows a remote authenticated attacker with admin privileges to achieve remote code execution.

References

►

URL

Tags

Impacted products

Vendor

Product

Version

►

Version: 22.7R2.1 < 22.7R2.1
Version: 9.1R18.7 < 9.1R18.7

Version: 22.7R1.1 < 22.7R1.1

Show details on NVD website

https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "connect_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "lessThan": "22.7_r2.3",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "9.1_r18.7",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "policy_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "lessThan": "22.7_r1.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-39711",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T17:16:14.381365Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-88",
                "description": "CWE-88 Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T17:16:37.401Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Connect Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "lessThan": "22.7R2.1",
              "status": "affected",
              "version": "22.7R2.1",
              "versionType": "custom"
            },
            {
              "lessThan": "9.1R18.7",
              "status": "affected",
              "version": "9.1R18.7",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Policy Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "lessThan": "22.7R1.1",
              "status": "affected",
              "version": "22.7R1.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti Policy Secure before version 22.7R1.1  allows a remote authenticated attacker with admin privileges to achieve remote code execution."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-12-01T18:25:55.769Z",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2024-39711",
    "datePublished": "2024-11-13T01:54:45.452Z",
    "dateReserved": "2024-06-28T01:04:08.821Z",
    "dateUpdated": "2024-12-01T18:25:55.769Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-13843 (GCVE-0-2024-13843)

Vulnerability from cvelistv5

Published

2025-02-11 15:26

Modified

2025-02-11 16:00

Severity ?

6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

CWE

CWE-312 - Cleartext Storage of Sensitive Information

Summary

Cleartext storage of information in Ivanti Connect Secure before version 22.7R2.6 and Ivanti Policy Secure before version 22.7R1.3 allows a local authenticated attacker with admin privileges to read sensitive data.

References

►

URL

Tags

Impacted products

Vendor

Product

Version

►

Patch: 22.7R2.6

Patch: 22.7R1.3

Show details on NVD website

https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-0282-CVE-2025-0283

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-13843",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-11T16:00:38.375074Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-11T16:00:53.016Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "Connect Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "status": "unaffected",
              "version": "22.7R2.6",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Policy Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "status": "unaffected",
              "version": "22.7R1.3",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCleartext storage of information in Ivanti Connect Secure before version 22.7R2.6 and Ivanti Policy Secure before version 22.7R1.3 allows a local authenticated attacker with admin privileges to read sensitive data.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e"
            }
          ],
          "value": "Cleartext storage of information in Ivanti Connect Secure before version 22.7R2.6 and Ivanti Policy Secure before version 22.7R1.3 allows a local authenticated attacker with admin privileges to read sensitive data."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-37",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-37 Retrieve Embedded Sensitive Data"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-312",
              "description": "CWE-312 Cleartext Storage of Sensitive Information",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-11T15:26:32.029Z",
        "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "shortName": "ivanti"
      },
      "references": [
        {
          "url": "https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
    "assignerShortName": "ivanti",
    "cveId": "CVE-2024-13843",
    "datePublished": "2025-02-11T15:26:32.029Z",
    "dateReserved": "2025-02-06T17:13:09.182Z",
    "dateUpdated": "2025-02-11T16:00:53.016Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-0282 (GCVE-0-2025-0282)

Vulnerability from cvelistv5

Published

2025-01-08 22:15

Modified

2025-07-30 01:36

Severity ?

9.0 (Critical) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

CWE

CWE-121 - Stack-based Buffer Overflow

Summary

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a remote unauthenticated attacker to achieve remote code execution.

References

►

URL

Tags

Impacted products

Vendor

Product

Version

►

Version: 22.7R2 <
Patch: 22.7R2.5

	Ivanti	Policy Secure	Version: 22.7R1 <
	Ivanti	Neurons for ZTA gateways	Version: 22.7R2 < Patch: 22.7R2.5

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "dateAdded": "2025-01-08",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-0282"
              },
              "type": "kev"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-0282",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-28T17:00:49.115686Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-30T01:36:22.682Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "third-party-advisory"
            ],
            "url": "https://labs.watchtowr.com/exploitation-walkthrough-and-techniques-ivanti-connect-secure-rce-cve-2025-0282/"
          },
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2025-0282"
          },
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/sfewer-r7/CVE-2025-0282"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2025-01-08T00:00:00+00:00",
            "value": "CVE-2025-0282 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-01-09T21:45:22.375Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://www.cisa.gov/cisa-mitigation-instructions-cve-2025-0282"
          },
          {
            "url": "https://cloud.google.com/blog/topics/threat-intelligence/ivanti-connect-secure-vpn-zero-day"
          }
        ],
        "title": "CVE Program Container",
        "x_generator": {
          "engine": "ADPogram 0.0.1"
        }
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Connect Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "lessThanOrEqual": "22.7R2.4",
              "status": "affected",
              "version": "22.7R2",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "22.7R2.5",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Policy Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "lessThanOrEqual": "22.7R1.2",
              "status": "affected",
              "version": "22.7R1",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Neurons for ZTA gateways",
          "vendor": "Ivanti",
          "versions": [
            {
              "lessThanOrEqual": "22.7R2.3",
              "status": "affected",
              "version": "22.7R2",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "22.7R2.5",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a remote unauthenticated attacker to achieve remote code execution.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e"
            }
          ],
          "value": "A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a remote unauthenticated attacker to achieve remote code execution."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "CWE-121: Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-08T22:15:09.386Z",
        "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "shortName": "ivanti"
      },
      "references": [
        {
          "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-0282-CVE-2025-0283"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
    "assignerShortName": "ivanti",
    "cveId": "CVE-2025-0282",
    "datePublished": "2025-01-08T22:15:09.386Z",
    "dateReserved": "2025-01-06T16:53:11.204Z",
    "dateUpdated": "2025-07-30T01:36:22.682Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Vulnerability from fkie_nvd

Published

2025-07-08 16:15

Modified

2025-07-10 13:10

Severity ?

6.6 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L
2.7 (Low) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N

Summary

CLRF injection in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a remote authenticated attacker with admin rights to write to a protected configuration file on disk.

References

▶	URL	Tags
	3c1d8aa1-5a33-4ea4-8992-aadd6440af75	https://forums.ivanti.com/s/article/July-Security-Advisory-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Multiple-CVEs	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	*
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	policy_secure	*
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "201EB882-0B2A-47DB-B517-1E72A0542B27",
              "versionEndExcluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "F788F6D9-5368-4B8E-BFA0-E8FB3CDADB01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "2927A40D-E8A3-4DB6-9C93-04A6C6035C3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "1399BBB4-E62B-4FF6-B9E3-6AAC68D4D583",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "1EAD1423-4477-4C35-BF93-697A2C0697C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.3:*:*:*:*:*:*",
              "matchCriteriaId": "858353BC-12CB-4014-BFCA-DA7B1B3DD4B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.4:*:*:*:*:*:*",
              "matchCriteriaId": "865F72BF-57B2-4B0C-BACE-3500E0AE6751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.5:*:*:*:*:*:*",
              "matchCriteriaId": "39E11407-E0C0-454F-B731-7DA4CBC696EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:*",
              "matchCriteriaId": "247E71F8-A03B-4097-B7BF-09F8BF3ED4D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "E0059C69-4A18-4153-9D9A-5C1B03AD1453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.2:*:*:*:*:*:*",
              "matchCriteriaId": "FC523C88-115E-4CD9-A8CB-AE6E6610F7D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.3:*:*:*:*:*:*",
              "matchCriteriaId": "3447428E-DBCD-4553-B51D-AC08ECAFD881",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.4:*:*:*:*:*:*",
              "matchCriteriaId": "A08BAF98-7F05-4596-8BFC-91F1A79D3BD1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.5:*:*:*:*:*:*",
              "matchCriteriaId": "40717D97-A062-49C4-B105-C22AAC3A206A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.6:*:*:*:*:*:*",
              "matchCriteriaId": "C3019D80-C578-437E-A304-F49F1AEC24F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.7:*:*:*:*:*:*",
              "matchCriteriaId": "A2EFC001-63D4-4FD0-8E14-C5A1C9E3BF9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAD0FC91-CA1E-4DC3-A37E-1BF98906D07C",
              "versionEndExcluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "1F22B988-2585-4853-9838-AB3746C8B888",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "FD9BE8C2-43EB-4870-A4B7-267CB17A19F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "C8915BB2-C1C0-4189-A847-DDB2EF161D62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "8D24A8DB-D697-4C60-935D-B08EE36861CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.3:*:*:*:*:*:*",
              "matchCriteriaId": "4C12D325-77E1-4873-8A77-D76F4A73BCF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.4:*:*:*:*:*:*",
              "matchCriteriaId": "95E4AE0D-614C-4300-9ADB-8442EF9A84C5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "CLRF injection in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a remote authenticated attacker with admin rights to write to a protected configuration file on disk."
    },
    {
      "lang": "es",
      "value": "La inyecci\u00f3n de CLRF en Ivanti Connect Secure anterior a la versi\u00f3n 22.7R2.8 y en Ivanti Policy Secure anterior a la versi\u00f3n 22.7R1.5 permite que un atacante remoto autenticado con derechos de administrador escriba en un archivo de configuraci\u00f3n protegido en el disco."
    }
  ],
  "id": "CVE-2025-0293",
  "lastModified": "2025-07-10T13:10:48.063",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 6.6,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 3.7,
        "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 2.7,
          "baseSeverity": "LOW",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-07-08T16:15:51.727",
  "references": [
    {
      "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/July-Security-Advisory-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Multiple-CVEs"
    }
  ],
  "sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-93"
        }
      ],
      "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-07-30 13:15

Modified

2024-11-21 05:38

Severity ?

4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Summary

A path traversal vulnerability exists in Pulse Connect Secure <9.1R8 which allows an authenticated attacker to read arbitrary files via the administrator web interface.

References

▶	URL	Tags
	support@hackerone.com	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
pulsesecure	pulse_connect_secure	*
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
pulsesecure	pulse_policy_secure	*

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4F450898-0B06-4073-9B76-BF22F68BD14F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "4B21C181-DC49-4EBD-9932-DBB337151FF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "4FEFC4B1-7350-46F9-80C1-42F5AE06142F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "DB7A6D62-6576-4713-9BF4-11068A72E8B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "843BC1B9-50CC-4F8F-A454-A0CEC6E92290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "D5355372-03EA-46D7-9104-A2785C29B664",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.2:*:*:*:*:*:*",
              "matchCriteriaId": "3DE32A0C-8944-4F51-A286-266055CA4B2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:*",
              "matchCriteriaId": "0349A0CC-A372-4E51-899E-D7BA67876F4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "93D1A098-BD77-4A7B-9070-A764FB435981",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "3CCC2D7B-F835-45EC-A316-2F0C5F2CF565",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AD812596-C77C-4129-982F-C22A25B52126",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "18272F7E-A9BA-4175-B6F6-F7E550D736CE",
              "versionEndIncluding": "9.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "6418A649-3A63-40CC-BD7C-309B3B0B2595",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "A07B66E0-A679-4912-8CB1-CD134713EDC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "6D37A6E4-D58E-444D-AF6A-15461F38E81A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "FC2B9DA0-E32B-4125-9986-F0D3814C66E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3.1:*:*:*:*:*:*",
              "matchCriteriaId": "38A0D7CF-7D55-4933-AE8C-36006D6779E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "C9A5BA3E-D6B3-453D-8DDF-FF16859FD0F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "BAFDA618-D15D-401D-AC68-0020259FEC57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.2:*:*:*:*:*:*",
              "matchCriteriaId": "D55AB5F0-132F-4C40-BF4F-684E139B774B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "6BE937D2-8BEE-4E64-8738-F550EAD00F50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "9C753520-1BC6-4980-AFC9-4C2FDDF2FD18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AC3863BC-3B9A-402B-A74A-149CDF717EC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B031D2AE-70BE-48BB-A9E9-0A0DAAAFF55F",
              "versionEndIncluding": "9.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A path traversal vulnerability exists in Pulse Connect Secure \u003c9.1R8 which allows an authenticated attacker to read arbitrary files via the administrator web interface."
    },
    {
      "lang": "es",
      "value": "Se presenta una vulnerabilidad de salto de ruta en Pulse Connect Secure versiones anteriores a 9.1R8, que permite a un atacante autenticado leer archivos arbitrarios por medio de la interfaz web del administrador"
    }
  ],
  "id": "CVE-2020-8221",
  "lastModified": "2024-11-21T05:38:31.913",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 4.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-07-30T13:15:12.063",
  "references": [
    {
      "source": "support@hackerone.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
    }
  ],
  "sourceIdentifier": "support@hackerone.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "support@hackerone.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-07-30 13:15

Modified

2024-11-21 05:38

Severity ?

7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

An insufficient permission check vulnerability exists in Pulse Connect Secure <9.1R8 that allows an attacker to change the password of a full administrator.

References

▶	URL	Tags
	support@hackerone.com	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
pulsesecure	pulse_connect_secure	*
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
pulsesecure	pulse_policy_secure	*

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4F450898-0B06-4073-9B76-BF22F68BD14F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "4B21C181-DC49-4EBD-9932-DBB337151FF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "4FEFC4B1-7350-46F9-80C1-42F5AE06142F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "DB7A6D62-6576-4713-9BF4-11068A72E8B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "843BC1B9-50CC-4F8F-A454-A0CEC6E92290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "D5355372-03EA-46D7-9104-A2785C29B664",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.2:*:*:*:*:*:*",
              "matchCriteriaId": "3DE32A0C-8944-4F51-A286-266055CA4B2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:*",
              "matchCriteriaId": "0349A0CC-A372-4E51-899E-D7BA67876F4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "93D1A098-BD77-4A7B-9070-A764FB435981",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "3CCC2D7B-F835-45EC-A316-2F0C5F2CF565",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AD812596-C77C-4129-982F-C22A25B52126",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "18272F7E-A9BA-4175-B6F6-F7E550D736CE",
              "versionEndIncluding": "9.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "6418A649-3A63-40CC-BD7C-309B3B0B2595",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "A07B66E0-A679-4912-8CB1-CD134713EDC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "6D37A6E4-D58E-444D-AF6A-15461F38E81A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "FC2B9DA0-E32B-4125-9986-F0D3814C66E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3.1:*:*:*:*:*:*",
              "matchCriteriaId": "38A0D7CF-7D55-4933-AE8C-36006D6779E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "C9A5BA3E-D6B3-453D-8DDF-FF16859FD0F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "BAFDA618-D15D-401D-AC68-0020259FEC57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.2:*:*:*:*:*:*",
              "matchCriteriaId": "D55AB5F0-132F-4C40-BF4F-684E139B774B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "6BE937D2-8BEE-4E64-8738-F550EAD00F50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "9C753520-1BC6-4980-AFC9-4C2FDDF2FD18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AC3863BC-3B9A-402B-A74A-149CDF717EC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B031D2AE-70BE-48BB-A9E9-0A0DAAAFF55F",
              "versionEndIncluding": "9.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An insufficient permission check vulnerability exists in Pulse Connect Secure \u003c9.1R8 that allows an attacker to change the password of a full administrator."
    },
    {
      "lang": "es",
      "value": "Se presenta una vulnerabilidad de comprobaci\u00f3n de permisos insuficiente en Pulse Connect Secure versiones anteriores a 9.1R8, que permite a un atacante cambiar la contrase\u00f1a de un administrador completa"
    }
  ],
  "id": "CVE-2020-8219",
  "lastModified": "2024-11-21T05:38:31.670",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 4.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-07-30T13:15:11.907",
  "references": [
    {
      "source": "support@hackerone.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
    }
  ],
  "sourceIdentifier": "support@hackerone.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-280"
        }
      ],
      "source": "support@hackerone.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-276"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-07-30 13:15

Modified

2024-11-21 05:38

Severity ?

6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Summary

A cross site scripting (XSS) vulnerability exists in Pulse Connect Secure <9.1R5 on the PSAL Page.

References

▶	URL	Tags
	support@hackerone.com	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
pulsesecure	pulse_connect_secure	*
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
pulsesecure	pulse_policy_secure	*

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4F450898-0B06-4073-9B76-BF22F68BD14F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "4B21C181-DC49-4EBD-9932-DBB337151FF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "4FEFC4B1-7350-46F9-80C1-42F5AE06142F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "DB7A6D62-6576-4713-9BF4-11068A72E8B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "843BC1B9-50CC-4F8F-A454-A0CEC6E92290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "D5355372-03EA-46D7-9104-A2785C29B664",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.2:*:*:*:*:*:*",
              "matchCriteriaId": "3DE32A0C-8944-4F51-A286-266055CA4B2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:*",
              "matchCriteriaId": "0349A0CC-A372-4E51-899E-D7BA67876F4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "93D1A098-BD77-4A7B-9070-A764FB435981",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "3CCC2D7B-F835-45EC-A316-2F0C5F2CF565",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AD812596-C77C-4129-982F-C22A25B52126",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "18272F7E-A9BA-4175-B6F6-F7E550D736CE",
              "versionEndIncluding": "9.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "6418A649-3A63-40CC-BD7C-309B3B0B2595",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "A07B66E0-A679-4912-8CB1-CD134713EDC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "6D37A6E4-D58E-444D-AF6A-15461F38E81A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "FC2B9DA0-E32B-4125-9986-F0D3814C66E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3.1:*:*:*:*:*:*",
              "matchCriteriaId": "38A0D7CF-7D55-4933-AE8C-36006D6779E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "C9A5BA3E-D6B3-453D-8DDF-FF16859FD0F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "BAFDA618-D15D-401D-AC68-0020259FEC57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.2:*:*:*:*:*:*",
              "matchCriteriaId": "D55AB5F0-132F-4C40-BF4F-684E139B774B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "6BE937D2-8BEE-4E64-8738-F550EAD00F50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "9C753520-1BC6-4980-AFC9-4C2FDDF2FD18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AC3863BC-3B9A-402B-A74A-149CDF717EC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B031D2AE-70BE-48BB-A9E9-0A0DAAAFF55F",
              "versionEndIncluding": "9.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A cross site scripting (XSS) vulnerability exists in Pulse Connect Secure \u003c9.1R5 on the PSAL Page."
    },
    {
      "lang": "es",
      "value": "Se presenta una vulnerabilidad de tipo cross site scripting (XSS) en Pulse Connect Secure versiones anteriores a 9.1R5, en la P\u00e1gina PSAL"
    }
  ],
  "id": "CVE-2020-8204",
  "lastModified": "2024-11-21T05:38:29.987",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-07-30T13:15:11.470",
  "references": [
    {
      "source": "support@hackerone.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
    }
  ],
  "sourceIdentifier": "support@hackerone.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "support@hackerone.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-12-12 01:55

Modified

2025-07-02 20:26

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A heap-based buffer overflow in IPsec of Ivanti Connect Secure before version 22.7R2.3 allows a remote unauthenticated attacker to cause a denial of service.

References

▶	URL	Tags
	support@hackerone.com	https://forums.ivanti.com/s/article/December-2024-Security-Advisory-Ivanti-Connect-Secure-ICS-and-Ivanti-Policy-Secure-IPS-Multiple-CVEs	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	*
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	policy_secure	*
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "201EB882-0B2A-47DB-B517-1E72A0542B27",
              "versionEndExcluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "F788F6D9-5368-4B8E-BFA0-E8FB3CDADB01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "2927A40D-E8A3-4DB6-9C93-04A6C6035C3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "1399BBB4-E62B-4FF6-B9E3-6AAC68D4D583",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "1EAD1423-4477-4C35-BF93-697A2C0697C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.3:*:*:*:*:*:*",
              "matchCriteriaId": "858353BC-12CB-4014-BFCA-DA7B1B3DD4B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.4:*:*:*:*:*:*",
              "matchCriteriaId": "865F72BF-57B2-4B0C-BACE-3500E0AE6751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.5:*:*:*:*:*:*",
              "matchCriteriaId": "39E11407-E0C0-454F-B731-7DA4CBC696EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:*",
              "matchCriteriaId": "247E71F8-A03B-4097-B7BF-09F8BF3ED4D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "E0059C69-4A18-4153-9D9A-5C1B03AD1453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.2:*:*:*:*:*:*",
              "matchCriteriaId": "FC523C88-115E-4CD9-A8CB-AE6E6610F7D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.3:*:*:*:*:*:*",
              "matchCriteriaId": "3447428E-DBCD-4553-B51D-AC08ECAFD881",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAD0FC91-CA1E-4DC3-A37E-1BF98906D07C",
              "versionEndExcluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "1F22B988-2585-4853-9838-AB3746C8B888",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "FD9BE8C2-43EB-4870-A4B7-267CB17A19F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "C8915BB2-C1C0-4189-A847-DDB2EF161D62",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A heap-based buffer overflow in IPsec of Ivanti Connect Secure before version 22.7R2.3 allows a remote unauthenticated attacker to cause a denial of service."
    },
    {
      "lang": "es",
      "value": "Un desbordamiento de b\u00fafer basado en mont\u00f3n en IPsec de Ivanti Connect Secure anterior a la versi\u00f3n 22.7R2.3 permite que un atacante remoto no autenticado provoque una denegaci\u00f3n de servicio."
    }
  ],
  "id": "CVE-2024-37377",
  "lastModified": "2025-07-02T20:26:04.183",
  "metrics": {
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "support@hackerone.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-12-12T01:55:19.320",
  "references": [
    {
      "source": "support@hackerone.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/December-2024-Security-Advisory-Ivanti-Connect-Secure-ICS-and-Ivanti-Policy-Secure-IPS-Multiple-CVEs"
    }
  ],
  "sourceIdentifier": "support@hackerone.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-01-31 18:15

Modified

2024-11-29 15:16

Severity ?

8.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

Summary

A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication.

References

▶	URL	Tags
	support@hackerone.com	https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	9.0
ivanti	connect_secure	9.0
ivanti	connect_secure	9.0
ivanti	connect_secure	9.0
ivanti	connect_secure	9.0
ivanti	connect_secure	9.0
ivanti	connect_secure	9.0
ivanti	connect_secure	9.0
ivanti	connect_secure	9.0
ivanti	connect_secure	9.0
ivanti	connect_secure	9.0
ivanti	connect_secure	9.0
ivanti	connect_secure	9.0
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	21.9
ivanti	connect_secure	21.12
ivanti	connect_secure	22.1
ivanti	connect_secure	22.1
ivanti	connect_secure	22.2
ivanti	connect_secure	22.2
ivanti	connect_secure	22.3
ivanti	connect_secure	22.4
ivanti	connect_secure	22.4
ivanti	connect_secure	22.6
ivanti	connect_secure	22.6
ivanti	connect_secure	22.6
ivanti	connect_secure	22.6
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	22.1
ivanti	policy_secure	22.1
ivanti	policy_secure	22.2
ivanti	policy_secure	22.2
ivanti	policy_secure	22.3
ivanti	policy_secure	22.3
ivanti	policy_secure	22.4
ivanti	policy_secure	22.4
ivanti	policy_secure	22.4
ivanti	policy_secure	22.5
ivanti	policy_secure	22.6
ivanti	neurons_for_zero-trust_access	-
ivanti	neurons_for_zero-trust_access	22.2
ivanti	neurons_for_zero-trust_access	22.2
ivanti	neurons_for_zero-trust_access	22.2
ivanti	neurons_for_zero-trust_access	22.3
ivanti	neurons_for_zero-trust_access	22.3
ivanti	neurons_for_zero-trust_access	22.4
ivanti	neurons_for_zero-trust_access	22.4
ivanti	neurons_for_zero-trust_access	22.5
ivanti	neurons_for_zero-trust_access	22.5
ivanti	neurons_for_zero-trust_access	22.6
ivanti	neurons_for_zero-trust_access	22.6

To clipboard

{
  "cisaActionDue": "2024-02-02",
  "cisaExploitAdd": "2024-01-31",
  "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
  "cisaVulnerabilityName": "Ivanti Connect Secure, Policy Secure, and Neurons Server-Side Request Forgery (SSRF) Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "3818B543-3415-4E27-8DAD-6BA9D3D9A1A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r1:*:*:*:*:*:*",
              "matchCriteriaId": "D47D09A8-4AC4-4CD9-B648-5F26453E2E1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r2:*:*:*:*:*:*",
              "matchCriteriaId": "59331DC5-FF5F-4BB3-905E-5A4A621F86ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "6A708C3F-9050-4475-95B3-4785D3E2CB69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r3:*:*:*:*:*:*",
              "matchCriteriaId": "52851AAA-88FB-40BC-B41A-B821F6BA9F79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r3.1:*:*:*:*:*:*",
              "matchCriteriaId": "F05DC11E-7C41-450B-A2BF-603E9252BB40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r3.2:*:*:*:*:*:*",
              "matchCriteriaId": "5DA976D9-A330-475E-B8C0-09EF3E08F18D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r3.3:*:*:*:*:*:*",
              "matchCriteriaId": "59F4A6F7-A6D4-4517-A316-7C7C002A9ED3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r3.5:*:*:*:*:*:*",
              "matchCriteriaId": "702094B0-2E5C-4A16-A8B0-F0EAF78E4ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r4:*:*:*:*:*:*",
              "matchCriteriaId": "A369AE09-17E4-4541-A8E1-A2F4A1398EE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "24EF2F1A-8140-4FDB-8AF4-309AFAF998E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r5.0:*:*:*:*:*:*",
              "matchCriteriaId": "4755BC2C-A96E-47AF-9D7C-E8D44B31F10B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r6.0:*:*:*:*:*:*",
              "matchCriteriaId": "BF6E8A0C-192B-4F51-86AA-FC2B85657632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "4B21C181-DC49-4EBD-9932-DBB337151FF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r10:*:*:*:*:*:*",
              "matchCriteriaId": "5A3A93FE-41BF-43F2-9EFC-89656182329F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11:*:*:*:*:*:*",
              "matchCriteriaId": "8D5F47BA-DE6D-443D-95C3-A45F80EDC71E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.3:*:*:*:*:*:*",
              "matchCriteriaId": "366EF5B8-0233-49B8-806A-E54F60410ADE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.4:*:*:*:*:*:*",
              "matchCriteriaId": "6F2A7F5C-1D78-4D19-B8ED-5822FDF5DA63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.5:*:*:*:*:*:*",
              "matchCriteriaId": "2DDDA231-2A5E-4C70-8620-535C7F9027A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r12:*:*:*:*:*:*",
              "matchCriteriaId": "32E0B425-A9BA-4D00-84A9-46268072D696",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r12.1:*:*:*:*:*:*",
              "matchCriteriaId": "BBC724E8-195B-4CB4-AC2A-63E184AED4F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r13:*:*:*:*:*:*",
              "matchCriteriaId": "65435A96-EF7A-439A-AA6C-CB7EAEF0A963",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r13.1:*:*:*:*:*:*",
              "matchCriteriaId": "3027A9CE-849E-4CAE-A1C4-170DEAF4FE86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r14:*:*:*:*:*:*",
              "matchCriteriaId": "C132BA26-BCA0-43E6-9511-34ACFFA136A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r15:*:*:*:*:*:*",
              "matchCriteriaId": "CE228FBD-5AD1-4BC6-AF63-5248E671B04F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r15.2:*:*:*:*:*:*",
              "matchCriteriaId": "D7DBCD6B-B7AA-4AB0-852F-563A2EC85DB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r16:*:*:*:*:*:*",
              "matchCriteriaId": "44C26423-8621-4F6D-A45B-0A6B6E873AB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r16.1:*:*:*:*:*:*",
              "matchCriteriaId": "BC391EB5-C457-459C-8EAA-EA0043487C0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r17:*:*:*:*:*:*",
              "matchCriteriaId": "DB6CEA16-F422-48F1-9473-3931B1BFA63F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r17.1:*:*:*:*:*:*",
              "matchCriteriaId": "E238AB9F-99C1-4F0D-B442-D390065D35D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r18:*:*:*:*:*:*",
              "matchCriteriaId": "28FDE909-711C-41EC-8BA6-AC4DE05EA27E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r18.1:*:*:*:*:*:*",
              "matchCriteriaId": "080CD832-3324-4158-A4CD-3A2E49B7BC74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r18.2:*:*:*:*:*:*",
              "matchCriteriaId": "DB2B8165-E9D4-4549-B16E-A62810BDAF8D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "4FEFC4B1-7350-46F9-80C1-42F5AE06142F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "DB7A6D62-6576-4713-9BF4-11068A72E8B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "843BC1B9-50CC-4F8F-A454-A0CEC6E92290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "D5355372-03EA-46D7-9104-A2785C29B664",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.2:*:*:*:*:*:*",
              "matchCriteriaId": "3DE32A0C-8944-4F51-A286-266055CA4B2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:*",
              "matchCriteriaId": "0349A0CC-A372-4E51-899E-D7BA67876F4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "93D1A098-BD77-4A7B-9070-A764FB435981",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "3CCC2D7B-F835-45EC-A316-2F0C5F2CF565",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AD812596-C77C-4129-982F-C22A25B52126",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8:*:*:*:*:*:*",
              "matchCriteriaId": "9FA0B20D-3FA1-42AE-BDC5-93D8A182927C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8.1:*:*:*:*:*:*",
              "matchCriteriaId": "BFFA0B02-7F6D-4434-B1E7-EB8520FD68A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8.2:*:*:*:*:*:*",
              "matchCriteriaId": "DFE8FA87-9622-4D5B-99C7-D8EE230C0AA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r9:*:*:*:*:*:*",
              "matchCriteriaId": "16DAA769-8F0D-4C54-A8D9-9902995605B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r9.1:*:*:*:*:*:*",
              "matchCriteriaId": "B2C10C89-1DBC-4E91-BD28-D5097B589CA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:21.9:r1:*:*:*:*:*:*",
              "matchCriteriaId": "BD52B87C-4BED-44AE-A959-A316DAF895EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:21.12:r1:*:*:*:*:*:*",
              "matchCriteriaId": "8CA29F12-36DE-4FBF-9EE7-7CE4B75AFA61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "80C56782-273A-4151-BE81-13FEEFE46A6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "6564FE9E-7D96-4226-8378-DAC25525CDD1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "361FAA47-52FF-4B36-96B0-9C178A4E031B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.2:r1:*:*:*:*:*:*",
              "matchCriteriaId": "BCBF6DD0-2826-4E61-8FB6-DB489EBF8981",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.3:r1:*:*:*:*:*:*",
              "matchCriteriaId": "415219D0-2D9A-4617-ABB7-6FF918421BEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.4:r1:*:*:*:*:*:*",
              "matchCriteriaId": "E9F55E7B-7B38-4AEC-A015-D8CB9DE5E72C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.4:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "D3DF17AC-EC26-4B76-8989-B7880C9EF73E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.6:-:*:*:*:*:*:*",
              "matchCriteriaId": "6C383863-1E90-4B72-A500-4326782BC92F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.6:r1:*:*:*:*:*:*",
              "matchCriteriaId": "AB9A5868-34FB-446E-817F-6701CC5DE923",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.6:r2:*:*:*:*:*:*",
              "matchCriteriaId": "5456F61D-1FD1-4DA6-AFA3-4073889AD22A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.6:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "EA574551-14BF-45E1-AC2A-2FB5B265640E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "AFE8DB4A-9891-4647-82E2-EB5D377CAD25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r1:*:*:*:*:*:*",
              "matchCriteriaId": "26B25B34-7BD0-471B-A396-45CE5420E963",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r2:*:*:*:*:*:*",
              "matchCriteriaId": "AA514C05-2834-4C7B-B022-02B41C9AAD6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "0929C645-DACB-4341-9032-7C79FFC8BCF0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r3:*:*:*:*:*:*",
              "matchCriteriaId": "0D36CB5A-8389-4F2F-882A-4E8F30028799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r3.1:*:*:*:*:*:*",
              "matchCriteriaId": "517DA74B-9D69-45E1-A707-A08A305A507C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r4:*:*:*:*:*:*",
              "matchCriteriaId": "F72C00C7-017C-4C25-99B0-D7D42D969E92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "6418A649-3A63-40CC-BD7C-309B3B0B2595",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "A07B66E0-A679-4912-8CB1-CD134713EDC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r10:*:*:*:*:*:*",
              "matchCriteriaId": "BF767F07-2E9F-4099-829D-2F70E85D8A35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r11:*:*:*:*:*:*",
              "matchCriteriaId": "B994E22B-8FA5-4510-82F6-7820BDA7C307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r12:*:*:*:*:*:*",
              "matchCriteriaId": "FE5C4ABC-2BEB-4741-95B3-303903369818",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r13:*:*:*:*:*:*",
              "matchCriteriaId": "D50C5526-F791-4C76-B5C0-DA2E1281C9E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r13.1:*:*:*:*:*:*",
              "matchCriteriaId": "2CB8240E-7683-4C39-9654-4F8D1F682288",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r14:*:*:*:*:*:*",
              "matchCriteriaId": "7A53C031-E7A5-47B6-BA4A-DD28432E743F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r15:*:*:*:*:*:*",
              "matchCriteriaId": "4BEE355B-1C2D-4BEB-8922-EAEAA5A1FAE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r16:*:*:*:*:*:*",
              "matchCriteriaId": "B90687F3-A5C1-4706-AD66-D78EE512E4C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r17:*:*:*:*:*:*",
              "matchCriteriaId": "D10A3F2D-6A62-4A48-93FB-274527C821D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r18:*:*:*:*:*:*",
              "matchCriteriaId": "811C7E7E-89AB-47DF-BACD-ED478DF756BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r18.1:*:*:*:*:*:*",
              "matchCriteriaId": "98FC67F0-3EEF-4C69-BB94-A15B1FE4D8F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r18.2:*:*:*:*:*:*",
              "matchCriteriaId": "77AA3823-7B01-423E-BE8E-797AEB567B8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "6D37A6E4-D58E-444D-AF6A-15461F38E81A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "FC2B9DA0-E32B-4125-9986-F0D3814C66E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3.1:*:*:*:*:*:*",
              "matchCriteriaId": "38A0D7CF-7D55-4933-AE8C-36006D6779E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "C9A5BA3E-D6B3-453D-8DDF-FF16859FD0F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "BAFDA618-D15D-401D-AC68-0020259FEC57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.2:*:*:*:*:*:*",
              "matchCriteriaId": "D55AB5F0-132F-4C40-BF4F-684E139B774B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.3:*:*:*:*:*:*",
              "matchCriteriaId": "26AEB02E-D2D0-4D7A-BB00-9E5112696B17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "6BE937D2-8BEE-4E64-8738-F550EAD00F50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "9C753520-1BC6-4980-AFC9-4C2FDDF2FD18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AC3863BC-3B9A-402B-A74A-149CDF717EC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r8:*:*:*:*:*:*",
              "matchCriteriaId": "E3C09D51-FDA0-4D07-87D8-F527C8CBDAFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r8.1:*:*:*:*:*:*",
              "matchCriteriaId": "CCE2E1C0-680F-4EFF-ACE6-A1DAFA209D24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r8.2:*:*:*:*:*:*",
              "matchCriteriaId": "7ED1686B-2D80-4ECF-9F7A-AEA989E17C84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r9:*:*:*:*:*:*",
              "matchCriteriaId": "092DA2A3-5CEF-433F-8E5B-4850E4095CC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "A385F38B-0B03-4B69-B7A1-952F5BAE727C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "925DCCBA-9382-4A39-84B8-4DEAFD2BC802",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.2:r1:*:*:*:*:*:*",
              "matchCriteriaId": "34C118FB-7AE0-466C-822A-348A2F6016AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.2:r3:*:*:*:*:*:*",
              "matchCriteriaId": "1536DB45-9A42-4549-A10E-FDBB6693DF17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.3:r1:*:*:*:*:*:*",
              "matchCriteriaId": "51FF66C9-9415-4EAD-8F19-D5E067336885",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.3:r3:*:*:*:*:*:*",
              "matchCriteriaId": "8BBC1E81-0A2A-4166-BFA6-2B866B4F8AE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.4:r1:*:*:*:*:*:*",
              "matchCriteriaId": "D73729EB-C679-4CED-9F36-212B0581EC22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.4:r2:*:*:*:*:*:*",
              "matchCriteriaId": "14B481E8-D887-408F-B892-D2939CD037AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.4:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "3EB8380F-D229-4AF0-B27C-47760F843E48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.5:r1:*:*:*:*:*:*",
              "matchCriteriaId": "CB4B1ED6-38AD-44F8-9B77-2D6924E8A20E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.6:r1:*:*:*:*:*:*",
              "matchCriteriaId": "56C7542D-3520-4E4D-936C-5295068C4CD7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E4387B4-BC5C-41DE-92DA-84866A649AD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.2:r1:*:*:*:*:*:*",
              "matchCriteriaId": "24514B40-540E-45D7-90DC-BCC1D9D7E92C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.2:r4:*:*:*:*:*:*",
              "matchCriteriaId": "BFD510E9-12DC-4942-BAA0-6405CBD905EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.2:r5:*:*:*:*:*:*",
              "matchCriteriaId": "EA11BB6D-36C7-438B-A5A7-71C3CB2E5EC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.3:r1:*:*:*:*:*:*",
              "matchCriteriaId": "7B01001B-FA11-4297-AB81-12A00B97C820",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.3:r4:*:*:*:*:*:*",
              "matchCriteriaId": "9F28E6B1-44AB-4635-8939-5B0A44BED1E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.4:r1:*:*:*:*:*:*",
              "matchCriteriaId": "3E9D957B-49F9-492D-A66A-0D25BA27AD35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.4:r3:*:*:*:*:*:*",
              "matchCriteriaId": "D1AB497E-E403-4DEE-A83D-CB2E119E5E96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.5:r1:*:*:*:*:*:*",
              "matchCriteriaId": "CA6B3322-9AFB-44B5-B571-995AB606FD01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.5:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "47CB7C12-D642-4015-842C-37241F87DB86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.6:r1:*:*:*:*:*:*",
              "matchCriteriaId": "58E49DF1-F66A-4F52-87FA-A50DFD735ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.6:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "62A0393A-C1C6-4708-BC41-5A5B8FB765FF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de server-side request forgery en el componente SAML de Ivanti Connect Secure (9.x, 22.x) e Ivanti Policy Secure (9.x, 22.x) e Ivanti Neurons for ZTA permite a un atacante acceder a ciertos recursos restringidos sin autenticaci\u00f3n."
    }
  ],
  "id": "CVE-2024-21893",
  "lastModified": "2024-11-29T15:16:27.133",
  "metrics": {
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 8.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.2,
        "source": "support@hackerone.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 8.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-01-31T18:15:47.437",
  "references": [
    {
      "source": "support@hackerone.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US"
    }
  ],
  "sourceIdentifier": "support@hackerone.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-918"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-918"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-11-12 17:15

Modified

2025-01-17 20:23

Severity ?

9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

Command injection in Ivanti Connect Secure before version 22.7R2.1 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1.1 (Not Applicable to 9.1Rx) allows a remote authenticated attacker with admin privileges to achieve remote code execution.

References

▶	URL	Tags
	3c1d8aa1-5a33-4ea4-8992-aadd6440af75	https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	*
ivanti	connect_secure	*
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	policy_secure	*
ivanti	policy_secure	*
ivanti	policy_secure	22.7

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3281AC31-EAEC-4C8D-A0AA-3CDD1092D3EE",
              "versionEndExcluding": "9.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8B38BEE-671B-4B29-A230-C92ACEE60C74",
              "versionEndExcluding": "22.7",
              "versionStartExcluding": "9.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "F788F6D9-5368-4B8E-BFA0-E8FB3CDADB01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "2927A40D-E8A3-4DB6-9C93-04A6C6035C3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "1399BBB4-E62B-4FF6-B9E3-6AAC68D4D583",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "1EAD1423-4477-4C35-BF93-697A2C0697C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.3:*:*:*:*:*:*",
              "matchCriteriaId": "858353BC-12CB-4014-BFCA-DA7B1B3DD4B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.4:*:*:*:*:*:*",
              "matchCriteriaId": "865F72BF-57B2-4B0C-BACE-3500E0AE6751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.5:*:*:*:*:*:*",
              "matchCriteriaId": "39E11407-E0C0-454F-B731-7DA4CBC696EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:*",
              "matchCriteriaId": "247E71F8-A03B-4097-B7BF-09F8BF3ED4D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "368E8A56-50E4-4400-8C18-B7426B112FFC",
              "versionEndExcluding": "9.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0905A2B5-F9DF-48C9-9DA4-2D4C1C7BC0F5",
              "versionEndExcluding": "22.7",
              "versionStartExcluding": "9.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "FD9BE8C2-43EB-4870-A4B7-267CB17A19F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Command injection in Ivanti Connect Secure before version 22.7R2.1 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1.1 (Not Applicable to 9.1Rx) allows a remote authenticated attacker with admin privileges to achieve remote code execution."
    },
    {
      "lang": "es",
      "value": "La inyecci\u00f3n de comandos en Ivanti Connect Secure anterior a la versi\u00f3n 22.7R2.1 y en Ivanti Policy Secure anterior a la versi\u00f3n 22.7R1.1 permite que un atacante remoto autenticado con privilegios de administrador logre la ejecuci\u00f3n remota de c\u00f3digo."
    }
  ],
  "id": "CVE-2024-11006",
  "lastModified": "2025-01-17T20:23:23.497",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.1,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 6.0,
        "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-11-12T17:15:07.333",
  "references": [
    {
      "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
    }
  ],
  "sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-12-10 19:15

Modified

2025-01-17 19:32

Severity ?

9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

Command injection in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to achieve remote code execution. (Not applicable to 9.1Rx)

References

▶	URL	Tags
	3c1d8aa1-5a33-4ea4-8992-aadd6440af75	https://forums.ivanti.com/s/article/December-2024-Security-Advisory-Ivanti-Connect-Secure-ICS-and-Ivanti-Policy-Secure-IPS-Multiple-CVEs	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	*
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	policy_secure	*
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "201EB882-0B2A-47DB-B517-1E72A0542B27",
              "versionEndExcluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "F788F6D9-5368-4B8E-BFA0-E8FB3CDADB01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "2927A40D-E8A3-4DB6-9C93-04A6C6035C3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "1399BBB4-E62B-4FF6-B9E3-6AAC68D4D583",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "1EAD1423-4477-4C35-BF93-697A2C0697C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.3:*:*:*:*:*:*",
              "matchCriteriaId": "858353BC-12CB-4014-BFCA-DA7B1B3DD4B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.4:*:*:*:*:*:*",
              "matchCriteriaId": "865F72BF-57B2-4B0C-BACE-3500E0AE6751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.5:*:*:*:*:*:*",
              "matchCriteriaId": "39E11407-E0C0-454F-B731-7DA4CBC696EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:*",
              "matchCriteriaId": "247E71F8-A03B-4097-B7BF-09F8BF3ED4D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "E0059C69-4A18-4153-9D9A-5C1B03AD1453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.2:*:*:*:*:*:*",
              "matchCriteriaId": "FC523C88-115E-4CD9-A8CB-AE6E6610F7D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAD0FC91-CA1E-4DC3-A37E-1BF98906D07C",
              "versionEndExcluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "1F22B988-2585-4853-9838-AB3746C8B888",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "FD9BE8C2-43EB-4870-A4B7-267CB17A19F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "C8915BB2-C1C0-4189-A847-DDB2EF161D62",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Command injection in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to achieve remote code execution. (Not applicable to 9.1Rx)"
    },
    {
      "lang": "es",
      "value": "La inyecci\u00f3n de comandos en Ivanti Connect Secure anterior a la versi\u00f3n 22.7R2.3 y en Ivanti Policy Secure anterior a la versi\u00f3n 22.7R1.2 permite que un atacante remoto autenticado con privilegios de administrador logre la ejecuci\u00f3n remota de c\u00f3digo. (No aplicable a 9.1Rx)"
    }
  ],
  "id": "CVE-2024-11634",
  "lastModified": "2025-01-17T19:32:48.327",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.1,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 6.0,
        "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-12-10T19:15:19.570",
  "references": [
    {
      "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/December-2024-Security-Advisory-Ivanti-Connect-Secure-ICS-and-Ivanti-Policy-Secure-IPS-Multiple-CVEs"
    }
  ],
  "sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-77"
        }
      ],
      "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-77"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-11-12 17:15

Modified

2025-01-17 20:23

Severity ?

9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

Command injection in Ivanti Connect Secure before version 22.7R2.1 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1.1 (Not Applicable to 9.1Rx) allows a remote authenticated attacker with admin privileges to achieve remote code execution.

References

▶	URL	Tags
	3c1d8aa1-5a33-4ea4-8992-aadd6440af75	https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	*
ivanti	connect_secure	*
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	policy_secure	*
ivanti	policy_secure	*
ivanti	policy_secure	22.7

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3281AC31-EAEC-4C8D-A0AA-3CDD1092D3EE",
              "versionEndExcluding": "9.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8B38BEE-671B-4B29-A230-C92ACEE60C74",
              "versionEndExcluding": "22.7",
              "versionStartExcluding": "9.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "F788F6D9-5368-4B8E-BFA0-E8FB3CDADB01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "2927A40D-E8A3-4DB6-9C93-04A6C6035C3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "1399BBB4-E62B-4FF6-B9E3-6AAC68D4D583",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "1EAD1423-4477-4C35-BF93-697A2C0697C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.3:*:*:*:*:*:*",
              "matchCriteriaId": "858353BC-12CB-4014-BFCA-DA7B1B3DD4B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.4:*:*:*:*:*:*",
              "matchCriteriaId": "865F72BF-57B2-4B0C-BACE-3500E0AE6751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.5:*:*:*:*:*:*",
              "matchCriteriaId": "39E11407-E0C0-454F-B731-7DA4CBC696EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:*",
              "matchCriteriaId": "247E71F8-A03B-4097-B7BF-09F8BF3ED4D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "368E8A56-50E4-4400-8C18-B7426B112FFC",
              "versionEndExcluding": "9.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0905A2B5-F9DF-48C9-9DA4-2D4C1C7BC0F5",
              "versionEndExcluding": "22.7",
              "versionStartExcluding": "9.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "FD9BE8C2-43EB-4870-A4B7-267CB17A19F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Command injection in Ivanti Connect Secure before version 22.7R2.1 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1.1 (Not Applicable to 9.1Rx) allows a remote authenticated attacker with admin privileges to achieve remote code execution."
    },
    {
      "lang": "es",
      "value": "La inyecci\u00f3n de comandos en Ivanti Connect Secure anterior a la versi\u00f3n 22.7R2.1 y en Ivanti Policy Secure anterior a la versi\u00f3n 22.7R1.1 permite que un atacante remoto autenticado con privilegios de administrador logre la ejecuci\u00f3n remota de c\u00f3digo."
    }
  ],
  "id": "CVE-2024-11005",
  "lastModified": "2025-01-17T20:23:26.140",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.1,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 6.0,
        "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-11-12T17:15:07.130",
  "references": [
    {
      "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
    }
  ],
  "sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-01-31 18:15

Modified

2025-06-03 19:15

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

A privilege escalation vulnerability in web component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows a user to elevate privileges to that of an administrator.

References

▶	URL	Tags
	support@hackerone.com	https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	9.0
ivanti	connect_secure	9.0
ivanti	connect_secure	9.0
ivanti	connect_secure	9.0
ivanti	connect_secure	9.0
ivanti	connect_secure	9.0
ivanti	connect_secure	9.0
ivanti	connect_secure	9.0
ivanti	connect_secure	9.0
ivanti	connect_secure	9.0
ivanti	connect_secure	9.0
ivanti	connect_secure	9.0
ivanti	connect_secure	9.0
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	21.9
ivanti	connect_secure	21.12
ivanti	connect_secure	22.1
ivanti	connect_secure	22.1
ivanti	connect_secure	22.2
ivanti	connect_secure	22.2
ivanti	connect_secure	22.3
ivanti	connect_secure	22.4
ivanti	connect_secure	22.4
ivanti	connect_secure	22.6
ivanti	connect_secure	22.6
ivanti	connect_secure	22.6
ivanti	connect_secure	22.6
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	22.1
ivanti	policy_secure	22.1
ivanti	policy_secure	22.2
ivanti	policy_secure	22.2
ivanti	policy_secure	22.3
ivanti	policy_secure	22.3
ivanti	policy_secure	22.4
ivanti	policy_secure	22.4
ivanti	policy_secure	22.4
ivanti	policy_secure	22.5
ivanti	policy_secure	22.6

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "3818B543-3415-4E27-8DAD-6BA9D3D9A1A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r1:*:*:*:*:*:*",
              "matchCriteriaId": "D47D09A8-4AC4-4CD9-B648-5F26453E2E1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r2:*:*:*:*:*:*",
              "matchCriteriaId": "59331DC5-FF5F-4BB3-905E-5A4A621F86ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "6A708C3F-9050-4475-95B3-4785D3E2CB69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r3:*:*:*:*:*:*",
              "matchCriteriaId": "52851AAA-88FB-40BC-B41A-B821F6BA9F79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r3.1:*:*:*:*:*:*",
              "matchCriteriaId": "F05DC11E-7C41-450B-A2BF-603E9252BB40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r3.2:*:*:*:*:*:*",
              "matchCriteriaId": "5DA976D9-A330-475E-B8C0-09EF3E08F18D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r3.3:*:*:*:*:*:*",
              "matchCriteriaId": "59F4A6F7-A6D4-4517-A316-7C7C002A9ED3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r3.5:*:*:*:*:*:*",
              "matchCriteriaId": "702094B0-2E5C-4A16-A8B0-F0EAF78E4ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r4:*:*:*:*:*:*",
              "matchCriteriaId": "A369AE09-17E4-4541-A8E1-A2F4A1398EE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "24EF2F1A-8140-4FDB-8AF4-309AFAF998E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r5.0:*:*:*:*:*:*",
              "matchCriteriaId": "4755BC2C-A96E-47AF-9D7C-E8D44B31F10B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r6.0:*:*:*:*:*:*",
              "matchCriteriaId": "BF6E8A0C-192B-4F51-86AA-FC2B85657632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "4B21C181-DC49-4EBD-9932-DBB337151FF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r10:*:*:*:*:*:*",
              "matchCriteriaId": "5A3A93FE-41BF-43F2-9EFC-89656182329F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11:*:*:*:*:*:*",
              "matchCriteriaId": "8D5F47BA-DE6D-443D-95C3-A45F80EDC71E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.3:*:*:*:*:*:*",
              "matchCriteriaId": "366EF5B8-0233-49B8-806A-E54F60410ADE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.4:*:*:*:*:*:*",
              "matchCriteriaId": "6F2A7F5C-1D78-4D19-B8ED-5822FDF5DA63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.5:*:*:*:*:*:*",
              "matchCriteriaId": "2DDDA231-2A5E-4C70-8620-535C7F9027A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r12:*:*:*:*:*:*",
              "matchCriteriaId": "32E0B425-A9BA-4D00-84A9-46268072D696",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r12.1:*:*:*:*:*:*",
              "matchCriteriaId": "BBC724E8-195B-4CB4-AC2A-63E184AED4F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r13:*:*:*:*:*:*",
              "matchCriteriaId": "65435A96-EF7A-439A-AA6C-CB7EAEF0A963",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r13.1:*:*:*:*:*:*",
              "matchCriteriaId": "3027A9CE-849E-4CAE-A1C4-170DEAF4FE86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r14:*:*:*:*:*:*",
              "matchCriteriaId": "C132BA26-BCA0-43E6-9511-34ACFFA136A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r15:*:*:*:*:*:*",
              "matchCriteriaId": "CE228FBD-5AD1-4BC6-AF63-5248E671B04F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r15.2:*:*:*:*:*:*",
              "matchCriteriaId": "D7DBCD6B-B7AA-4AB0-852F-563A2EC85DB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r16:*:*:*:*:*:*",
              "matchCriteriaId": "44C26423-8621-4F6D-A45B-0A6B6E873AB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r16.1:*:*:*:*:*:*",
              "matchCriteriaId": "BC391EB5-C457-459C-8EAA-EA0043487C0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r17:*:*:*:*:*:*",
              "matchCriteriaId": "DB6CEA16-F422-48F1-9473-3931B1BFA63F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r17.1:*:*:*:*:*:*",
              "matchCriteriaId": "E238AB9F-99C1-4F0D-B442-D390065D35D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r18:*:*:*:*:*:*",
              "matchCriteriaId": "28FDE909-711C-41EC-8BA6-AC4DE05EA27E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r18.1:*:*:*:*:*:*",
              "matchCriteriaId": "080CD832-3324-4158-A4CD-3A2E49B7BC74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r18.2:*:*:*:*:*:*",
              "matchCriteriaId": "DB2B8165-E9D4-4549-B16E-A62810BDAF8D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "4FEFC4B1-7350-46F9-80C1-42F5AE06142F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "DB7A6D62-6576-4713-9BF4-11068A72E8B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "843BC1B9-50CC-4F8F-A454-A0CEC6E92290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "D5355372-03EA-46D7-9104-A2785C29B664",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.2:*:*:*:*:*:*",
              "matchCriteriaId": "3DE32A0C-8944-4F51-A286-266055CA4B2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:*",
              "matchCriteriaId": "0349A0CC-A372-4E51-899E-D7BA67876F4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "93D1A098-BD77-4A7B-9070-A764FB435981",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "3CCC2D7B-F835-45EC-A316-2F0C5F2CF565",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AD812596-C77C-4129-982F-C22A25B52126",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8:*:*:*:*:*:*",
              "matchCriteriaId": "9FA0B20D-3FA1-42AE-BDC5-93D8A182927C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8.1:*:*:*:*:*:*",
              "matchCriteriaId": "BFFA0B02-7F6D-4434-B1E7-EB8520FD68A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8.2:*:*:*:*:*:*",
              "matchCriteriaId": "DFE8FA87-9622-4D5B-99C7-D8EE230C0AA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r9:*:*:*:*:*:*",
              "matchCriteriaId": "16DAA769-8F0D-4C54-A8D9-9902995605B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r9.1:*:*:*:*:*:*",
              "matchCriteriaId": "B2C10C89-1DBC-4E91-BD28-D5097B589CA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:21.9:r1:*:*:*:*:*:*",
              "matchCriteriaId": "BD52B87C-4BED-44AE-A959-A316DAF895EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:21.12:r1:*:*:*:*:*:*",
              "matchCriteriaId": "8CA29F12-36DE-4FBF-9EE7-7CE4B75AFA61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "80C56782-273A-4151-BE81-13FEEFE46A6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "6564FE9E-7D96-4226-8378-DAC25525CDD1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "361FAA47-52FF-4B36-96B0-9C178A4E031B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.2:r1:*:*:*:*:*:*",
              "matchCriteriaId": "BCBF6DD0-2826-4E61-8FB6-DB489EBF8981",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.3:r1:*:*:*:*:*:*",
              "matchCriteriaId": "415219D0-2D9A-4617-ABB7-6FF918421BEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.4:r1:*:*:*:*:*:*",
              "matchCriteriaId": "E9F55E7B-7B38-4AEC-A015-D8CB9DE5E72C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.4:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "D3DF17AC-EC26-4B76-8989-B7880C9EF73E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.6:-:*:*:*:*:*:*",
              "matchCriteriaId": "6C383863-1E90-4B72-A500-4326782BC92F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.6:r1:*:*:*:*:*:*",
              "matchCriteriaId": "AB9A5868-34FB-446E-817F-6701CC5DE923",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.6:r2:*:*:*:*:*:*",
              "matchCriteriaId": "5456F61D-1FD1-4DA6-AFA3-4073889AD22A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.6:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "EA574551-14BF-45E1-AC2A-2FB5B265640E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "AFE8DB4A-9891-4647-82E2-EB5D377CAD25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r1:*:*:*:*:*:*",
              "matchCriteriaId": "26B25B34-7BD0-471B-A396-45CE5420E963",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r2:*:*:*:*:*:*",
              "matchCriteriaId": "AA514C05-2834-4C7B-B022-02B41C9AAD6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "0929C645-DACB-4341-9032-7C79FFC8BCF0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r3:*:*:*:*:*:*",
              "matchCriteriaId": "0D36CB5A-8389-4F2F-882A-4E8F30028799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r3.1:*:*:*:*:*:*",
              "matchCriteriaId": "517DA74B-9D69-45E1-A707-A08A305A507C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r4:*:*:*:*:*:*",
              "matchCriteriaId": "F72C00C7-017C-4C25-99B0-D7D42D969E92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "6418A649-3A63-40CC-BD7C-309B3B0B2595",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "A07B66E0-A679-4912-8CB1-CD134713EDC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r10:*:*:*:*:*:*",
              "matchCriteriaId": "BF767F07-2E9F-4099-829D-2F70E85D8A35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r11:*:*:*:*:*:*",
              "matchCriteriaId": "B994E22B-8FA5-4510-82F6-7820BDA7C307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r12:*:*:*:*:*:*",
              "matchCriteriaId": "FE5C4ABC-2BEB-4741-95B3-303903369818",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r13:*:*:*:*:*:*",
              "matchCriteriaId": "D50C5526-F791-4C76-B5C0-DA2E1281C9E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r13.1:*:*:*:*:*:*",
              "matchCriteriaId": "2CB8240E-7683-4C39-9654-4F8D1F682288",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r14:*:*:*:*:*:*",
              "matchCriteriaId": "7A53C031-E7A5-47B6-BA4A-DD28432E743F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r15:*:*:*:*:*:*",
              "matchCriteriaId": "4BEE355B-1C2D-4BEB-8922-EAEAA5A1FAE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r16:*:*:*:*:*:*",
              "matchCriteriaId": "B90687F3-A5C1-4706-AD66-D78EE512E4C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r17:*:*:*:*:*:*",
              "matchCriteriaId": "D10A3F2D-6A62-4A48-93FB-274527C821D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r18:*:*:*:*:*:*",
              "matchCriteriaId": "811C7E7E-89AB-47DF-BACD-ED478DF756BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r18.1:*:*:*:*:*:*",
              "matchCriteriaId": "98FC67F0-3EEF-4C69-BB94-A15B1FE4D8F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r18.2:*:*:*:*:*:*",
              "matchCriteriaId": "77AA3823-7B01-423E-BE8E-797AEB567B8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "6D37A6E4-D58E-444D-AF6A-15461F38E81A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "FC2B9DA0-E32B-4125-9986-F0D3814C66E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3.1:*:*:*:*:*:*",
              "matchCriteriaId": "38A0D7CF-7D55-4933-AE8C-36006D6779E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "C9A5BA3E-D6B3-453D-8DDF-FF16859FD0F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "BAFDA618-D15D-401D-AC68-0020259FEC57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.2:*:*:*:*:*:*",
              "matchCriteriaId": "D55AB5F0-132F-4C40-BF4F-684E139B774B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.3:*:*:*:*:*:*",
              "matchCriteriaId": "26AEB02E-D2D0-4D7A-BB00-9E5112696B17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "6BE937D2-8BEE-4E64-8738-F550EAD00F50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "9C753520-1BC6-4980-AFC9-4C2FDDF2FD18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AC3863BC-3B9A-402B-A74A-149CDF717EC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r8:*:*:*:*:*:*",
              "matchCriteriaId": "E3C09D51-FDA0-4D07-87D8-F527C8CBDAFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r8.1:*:*:*:*:*:*",
              "matchCriteriaId": "CCE2E1C0-680F-4EFF-ACE6-A1DAFA209D24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r8.2:*:*:*:*:*:*",
              "matchCriteriaId": "7ED1686B-2D80-4ECF-9F7A-AEA989E17C84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r9:*:*:*:*:*:*",
              "matchCriteriaId": "092DA2A3-5CEF-433F-8E5B-4850E4095CC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "A385F38B-0B03-4B69-B7A1-952F5BAE727C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "925DCCBA-9382-4A39-84B8-4DEAFD2BC802",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.2:r1:*:*:*:*:*:*",
              "matchCriteriaId": "34C118FB-7AE0-466C-822A-348A2F6016AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.2:r3:*:*:*:*:*:*",
              "matchCriteriaId": "1536DB45-9A42-4549-A10E-FDBB6693DF17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.3:r1:*:*:*:*:*:*",
              "matchCriteriaId": "51FF66C9-9415-4EAD-8F19-D5E067336885",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.3:r3:*:*:*:*:*:*",
              "matchCriteriaId": "8BBC1E81-0A2A-4166-BFA6-2B866B4F8AE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.4:r1:*:*:*:*:*:*",
              "matchCriteriaId": "D73729EB-C679-4CED-9F36-212B0581EC22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.4:r2:*:*:*:*:*:*",
              "matchCriteriaId": "14B481E8-D887-408F-B892-D2939CD037AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.4:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "3EB8380F-D229-4AF0-B27C-47760F843E48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.5:r1:*:*:*:*:*:*",
              "matchCriteriaId": "CB4B1ED6-38AD-44F8-9B77-2D6924E8A20E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.6:r1:*:*:*:*:*:*",
              "matchCriteriaId": "56C7542D-3520-4E4D-936C-5295068C4CD7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A privilege escalation vulnerability in web component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows a user to elevate privileges to that of an administrator. "
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de escalada de privilegios en el componente web de Ivanti Connect Secure (9.x, 22.x) e Ivanti Policy Secure (9.x, 22.x) permite a un usuario elevar privilegios a los de administrador."
    }
  ],
  "id": "CVE-2024-21888",
  "lastModified": "2025-06-03T19:15:37.073",
  "metrics": {
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "support@hackerone.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-01-31T18:15:47.260",
  "references": [
    {
      "source": "support@hackerone.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US"
    }
  ],
  "sourceIdentifier": "support@hackerone.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-269"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-01-12 17:15

Modified

2025-02-12 19:55

Severity ?

9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Summary

A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance.

References

URL	Tags
support@hackerone.com	http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html	Exploit, Third Party Advisory, VDB Entry
support@hackerone.com	https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	9.0
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	22.1
ivanti	connect_secure	22.1
ivanti	connect_secure	22.2
ivanti	connect_secure	22.2
ivanti	connect_secure	22.3
ivanti	connect_secure	22.4
ivanti	connect_secure	22.4
ivanti	connect_secure	22.5
ivanti	connect_secure	22.6
ivanti	connect_secure	22.6
ivanti	connect_secure	22.6
ivanti	policy_secure	9.0
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	22.1
ivanti	policy_secure	22.1
ivanti	policy_secure	22.2
ivanti	policy_secure	22.2
ivanti	policy_secure	22.3
ivanti	policy_secure	22.3
ivanti	policy_secure	22.4
ivanti	policy_secure	22.4
ivanti	policy_secure	22.4
ivanti	policy_secure	22.5
ivanti	policy_secure	22.5
ivanti	policy_secure	22.6

To clipboard

{
  "cisaActionDue": "2024-01-22",
  "cisaExploitAdd": "2024-01-10",
  "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
  "cisaVulnerabilityName": "Ivanti Connect Secure and Policy Secure Command Injection Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEAA1F3F-FC78-43C1-814A-19E94AC4A844",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "4B21C181-DC49-4EBD-9932-DBB337151FF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r10:*:*:*:*:*:*",
              "matchCriteriaId": "5A3A93FE-41BF-43F2-9EFC-89656182329F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11:*:*:*:*:*:*",
              "matchCriteriaId": "8D5F47BA-DE6D-443D-95C3-A45F80EDC71E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.3:*:*:*:*:*:*",
              "matchCriteriaId": "366EF5B8-0233-49B8-806A-E54F60410ADE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.4:*:*:*:*:*:*",
              "matchCriteriaId": "6F2A7F5C-1D78-4D19-B8ED-5822FDF5DA63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.5:*:*:*:*:*:*",
              "matchCriteriaId": "2DDDA231-2A5E-4C70-8620-535C7F9027A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r12:*:*:*:*:*:*",
              "matchCriteriaId": "32E0B425-A9BA-4D00-84A9-46268072D696",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r12.1:*:*:*:*:*:*",
              "matchCriteriaId": "BBC724E8-195B-4CB4-AC2A-63E184AED4F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r13:*:*:*:*:*:*",
              "matchCriteriaId": "65435A96-EF7A-439A-AA6C-CB7EAEF0A963",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r13.1:*:*:*:*:*:*",
              "matchCriteriaId": "3027A9CE-849E-4CAE-A1C4-170DEAF4FE86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r14:*:*:*:*:*:*",
              "matchCriteriaId": "C132BA26-BCA0-43E6-9511-34ACFFA136A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r15:*:*:*:*:*:*",
              "matchCriteriaId": "CE228FBD-5AD1-4BC6-AF63-5248E671B04F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r15.2:*:*:*:*:*:*",
              "matchCriteriaId": "D7DBCD6B-B7AA-4AB0-852F-563A2EC85DB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r16:*:*:*:*:*:*",
              "matchCriteriaId": "44C26423-8621-4F6D-A45B-0A6B6E873AB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r16.1:*:*:*:*:*:*",
              "matchCriteriaId": "BC391EB5-C457-459C-8EAA-EA0043487C0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r17:*:*:*:*:*:*",
              "matchCriteriaId": "DB6CEA16-F422-48F1-9473-3931B1BFA63F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r17.1:*:*:*:*:*:*",
              "matchCriteriaId": "E238AB9F-99C1-4F0D-B442-D390065D35D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r18:*:*:*:*:*:*",
              "matchCriteriaId": "28FDE909-711C-41EC-8BA6-AC4DE05EA27E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "4FEFC4B1-7350-46F9-80C1-42F5AE06142F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "DB7A6D62-6576-4713-9BF4-11068A72E8B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "843BC1B9-50CC-4F8F-A454-A0CEC6E92290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "D5355372-03EA-46D7-9104-A2785C29B664",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.2:*:*:*:*:*:*",
              "matchCriteriaId": "3DE32A0C-8944-4F51-A286-266055CA4B2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:*",
              "matchCriteriaId": "0349A0CC-A372-4E51-899E-D7BA67876F4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "93D1A098-BD77-4A7B-9070-A764FB435981",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "3CCC2D7B-F835-45EC-A316-2F0C5F2CF565",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AD812596-C77C-4129-982F-C22A25B52126",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8:*:*:*:*:*:*",
              "matchCriteriaId": "9FA0B20D-3FA1-42AE-BDC5-93D8A182927C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8.1:*:*:*:*:*:*",
              "matchCriteriaId": "BFFA0B02-7F6D-4434-B1E7-EB8520FD68A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8.2:*:*:*:*:*:*",
              "matchCriteriaId": "DFE8FA87-9622-4D5B-99C7-D8EE230C0AA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r9:*:*:*:*:*:*",
              "matchCriteriaId": "16DAA769-8F0D-4C54-A8D9-9902995605B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r9.1:*:*:*:*:*:*",
              "matchCriteriaId": "B2C10C89-1DBC-4E91-BD28-D5097B589CA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "80C56782-273A-4151-BE81-13FEEFE46A6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "6564FE9E-7D96-4226-8378-DAC25525CDD1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "361FAA47-52FF-4B36-96B0-9C178A4E031B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.2:r1:*:*:*:*:*:*",
              "matchCriteriaId": "BCBF6DD0-2826-4E61-8FB6-DB489EBF8981",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.3:r1:*:*:*:*:*:*",
              "matchCriteriaId": "415219D0-2D9A-4617-ABB7-6FF918421BEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.4:r1:*:*:*:*:*:*",
              "matchCriteriaId": "E9F55E7B-7B38-4AEC-A015-D8CB9DE5E72C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.4:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "D3DF17AC-EC26-4B76-8989-B7880C9EF73E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.5:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "001E117B-E8EE-4C20-AEBF-34FF5EB5051E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.6:-:*:*:*:*:*:*",
              "matchCriteriaId": "6C383863-1E90-4B72-A500-4326782BC92F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.6:r1:*:*:*:*:*:*",
              "matchCriteriaId": "AB9A5868-34FB-446E-817F-6701CC5DE923",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.6:r2:*:*:*:*:*:*",
              "matchCriteriaId": "5456F61D-1FD1-4DA6-AFA3-4073889AD22A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD00E2EC-B772-4FE8-8CC5-829BE45BE878",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "A07B66E0-A679-4912-8CB1-CD134713EDC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r10:*:*:*:*:*:*",
              "matchCriteriaId": "BF767F07-2E9F-4099-829D-2F70E85D8A35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r11:*:*:*:*:*:*",
              "matchCriteriaId": "B994E22B-8FA5-4510-82F6-7820BDA7C307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r12:*:*:*:*:*:*",
              "matchCriteriaId": "FE5C4ABC-2BEB-4741-95B3-303903369818",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r13:*:*:*:*:*:*",
              "matchCriteriaId": "D50C5526-F791-4C76-B5C0-DA2E1281C9E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r13.1:*:*:*:*:*:*",
              "matchCriteriaId": "2CB8240E-7683-4C39-9654-4F8D1F682288",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r14:*:*:*:*:*:*",
              "matchCriteriaId": "7A53C031-E7A5-47B6-BA4A-DD28432E743F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r15:*:*:*:*:*:*",
              "matchCriteriaId": "4BEE355B-1C2D-4BEB-8922-EAEAA5A1FAE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r16:*:*:*:*:*:*",
              "matchCriteriaId": "B90687F3-A5C1-4706-AD66-D78EE512E4C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r17:*:*:*:*:*:*",
              "matchCriteriaId": "D10A3F2D-6A62-4A48-93FB-274527C821D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r18:*:*:*:*:*:*",
              "matchCriteriaId": "811C7E7E-89AB-47DF-BACD-ED478DF756BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "6D37A6E4-D58E-444D-AF6A-15461F38E81A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "FC2B9DA0-E32B-4125-9986-F0D3814C66E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3.1:*:*:*:*:*:*",
              "matchCriteriaId": "38A0D7CF-7D55-4933-AE8C-36006D6779E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "C9A5BA3E-D6B3-453D-8DDF-FF16859FD0F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "BAFDA618-D15D-401D-AC68-0020259FEC57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.2:*:*:*:*:*:*",
              "matchCriteriaId": "D55AB5F0-132F-4C40-BF4F-684E139B774B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "6BE937D2-8BEE-4E64-8738-F550EAD00F50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "9C753520-1BC6-4980-AFC9-4C2FDDF2FD18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AC3863BC-3B9A-402B-A74A-149CDF717EC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r8:*:*:*:*:*:*",
              "matchCriteriaId": "E3C09D51-FDA0-4D07-87D8-F527C8CBDAFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r8.1:*:*:*:*:*:*",
              "matchCriteriaId": "CCE2E1C0-680F-4EFF-ACE6-A1DAFA209D24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r8.2:*:*:*:*:*:*",
              "matchCriteriaId": "7ED1686B-2D80-4ECF-9F7A-AEA989E17C84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r9:*:*:*:*:*:*",
              "matchCriteriaId": "092DA2A3-5CEF-433F-8E5B-4850E4095CC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "A385F38B-0B03-4B69-B7A1-952F5BAE727C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "925DCCBA-9382-4A39-84B8-4DEAFD2BC802",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.2:r1:*:*:*:*:*:*",
              "matchCriteriaId": "34C118FB-7AE0-466C-822A-348A2F6016AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.2:r3:*:*:*:*:*:*",
              "matchCriteriaId": "1536DB45-9A42-4549-A10E-FDBB6693DF17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.3:r1:*:*:*:*:*:*",
              "matchCriteriaId": "51FF66C9-9415-4EAD-8F19-D5E067336885",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.3:r3:*:*:*:*:*:*",
              "matchCriteriaId": "8BBC1E81-0A2A-4166-BFA6-2B866B4F8AE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.4:r1:*:*:*:*:*:*",
              "matchCriteriaId": "D73729EB-C679-4CED-9F36-212B0581EC22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.4:r2:*:*:*:*:*:*",
              "matchCriteriaId": "14B481E8-D887-408F-B892-D2939CD037AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.4:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "3EB8380F-D229-4AF0-B27C-47760F843E48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.5:r1:*:*:*:*:*:*",
              "matchCriteriaId": "CB4B1ED6-38AD-44F8-9B77-2D6924E8A20E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.5:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "28A9318A-0D4D-4EF1-998B-4A82A1AB63F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.6:r1:*:*:*:*:*:*",
              "matchCriteriaId": "56C7542D-3520-4E4D-936C-5295068C4CD7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x)  allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de inyecci\u00f3n de comandos en componentes web de Ivanti Connect Secure (9.x, 22.x) e Ivanti Policy Secure (9.x, 22.x) permite a un administrador autenticado enviar solicitudes especialmente manipuladas y ejecutar comandos arbitrarios en el dispositivo."
    }
  ],
  "id": "CVE-2024-21887",
  "lastModified": "2025-02-12T19:55:33.273",
  "metrics": {
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.1,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 6.0,
        "source": "support@hackerone.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.1,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 6.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-01-12T17:15:10.017",
  "references": [
    {
      "source": "support@hackerone.com",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html"
    },
    {
      "source": "support@hackerone.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US"
    }
  ],
  "sourceIdentifier": "support@hackerone.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-77"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-77"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-07-30 13:15

Modified

2024-11-21 05:38

Severity ?

6.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

Summary

A path traversal vulnerability exists in Pulse Connect Secure <9.1R8 that allowed an authenticated attacker via the administrator web interface to perform an arbitrary file reading vulnerability through Meeting.

References

▶	URL	Tags
	support@hackerone.com	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
pulsesecure	pulse_connect_secure	*
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
pulsesecure	pulse_policy_secure	*

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4F450898-0B06-4073-9B76-BF22F68BD14F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "4B21C181-DC49-4EBD-9932-DBB337151FF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "4FEFC4B1-7350-46F9-80C1-42F5AE06142F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "DB7A6D62-6576-4713-9BF4-11068A72E8B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "843BC1B9-50CC-4F8F-A454-A0CEC6E92290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "D5355372-03EA-46D7-9104-A2785C29B664",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.2:*:*:*:*:*:*",
              "matchCriteriaId": "3DE32A0C-8944-4F51-A286-266055CA4B2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:*",
              "matchCriteriaId": "0349A0CC-A372-4E51-899E-D7BA67876F4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "93D1A098-BD77-4A7B-9070-A764FB435981",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "3CCC2D7B-F835-45EC-A316-2F0C5F2CF565",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AD812596-C77C-4129-982F-C22A25B52126",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "18272F7E-A9BA-4175-B6F6-F7E550D736CE",
              "versionEndIncluding": "9.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "6418A649-3A63-40CC-BD7C-309B3B0B2595",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "A07B66E0-A679-4912-8CB1-CD134713EDC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "6D37A6E4-D58E-444D-AF6A-15461F38E81A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "FC2B9DA0-E32B-4125-9986-F0D3814C66E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3.1:*:*:*:*:*:*",
              "matchCriteriaId": "38A0D7CF-7D55-4933-AE8C-36006D6779E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "C9A5BA3E-D6B3-453D-8DDF-FF16859FD0F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "BAFDA618-D15D-401D-AC68-0020259FEC57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.2:*:*:*:*:*:*",
              "matchCriteriaId": "D55AB5F0-132F-4C40-BF4F-684E139B774B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "6BE937D2-8BEE-4E64-8738-F550EAD00F50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "9C753520-1BC6-4980-AFC9-4C2FDDF2FD18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AC3863BC-3B9A-402B-A74A-149CDF717EC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B031D2AE-70BE-48BB-A9E9-0A0DAAAFF55F",
              "versionEndIncluding": "9.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A path traversal vulnerability exists in Pulse Connect Secure \u003c9.1R8 that allowed an authenticated attacker via the administrator web interface to perform an arbitrary file reading vulnerability through Meeting."
    },
    {
      "lang": "es",
      "value": "Se presenta una vulnerabilidad de salto de ruta en Pulse Connect Secure versiones anteriores a 9.1R8, que permiti\u00f3 a un atacante autenticado por medio de la interfaz web del administrador llevar a cabo una vulnerabilidad de lectura de archivos arbitraria por medio de Meeting"
    }
  ],
  "id": "CVE-2020-8222",
  "lastModified": "2024-11-21T05:38:32.030",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 4.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-07-30T13:15:12.157",
  "references": [
    {
      "source": "support@hackerone.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
    }
  ],
  "sourceIdentifier": "support@hackerone.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "support@hackerone.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-07-30 13:15

Modified

2024-11-21 05:38

Severity ?

4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Summary

An information disclosure vulnerability in meeting of Pulse Connect Secure <9.1R8 allowed an authenticated end-users to find meeting details, if they know the Meeting ID.

References

▶	URL	Tags
	support@hackerone.com	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
pulsesecure	pulse_connect_secure	*
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
pulsesecure	pulse_policy_secure	*

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4F450898-0B06-4073-9B76-BF22F68BD14F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "4B21C181-DC49-4EBD-9932-DBB337151FF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "4FEFC4B1-7350-46F9-80C1-42F5AE06142F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "DB7A6D62-6576-4713-9BF4-11068A72E8B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "843BC1B9-50CC-4F8F-A454-A0CEC6E92290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "D5355372-03EA-46D7-9104-A2785C29B664",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.2:*:*:*:*:*:*",
              "matchCriteriaId": "3DE32A0C-8944-4F51-A286-266055CA4B2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:*",
              "matchCriteriaId": "0349A0CC-A372-4E51-899E-D7BA67876F4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "93D1A098-BD77-4A7B-9070-A764FB435981",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "3CCC2D7B-F835-45EC-A316-2F0C5F2CF565",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AD812596-C77C-4129-982F-C22A25B52126",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "18272F7E-A9BA-4175-B6F6-F7E550D736CE",
              "versionEndIncluding": "9.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "6418A649-3A63-40CC-BD7C-309B3B0B2595",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "A07B66E0-A679-4912-8CB1-CD134713EDC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "6D37A6E4-D58E-444D-AF6A-15461F38E81A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "FC2B9DA0-E32B-4125-9986-F0D3814C66E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3.1:*:*:*:*:*:*",
              "matchCriteriaId": "38A0D7CF-7D55-4933-AE8C-36006D6779E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "C9A5BA3E-D6B3-453D-8DDF-FF16859FD0F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "BAFDA618-D15D-401D-AC68-0020259FEC57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.2:*:*:*:*:*:*",
              "matchCriteriaId": "D55AB5F0-132F-4C40-BF4F-684E139B774B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "6BE937D2-8BEE-4E64-8738-F550EAD00F50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "9C753520-1BC6-4980-AFC9-4C2FDDF2FD18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AC3863BC-3B9A-402B-A74A-149CDF717EC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B031D2AE-70BE-48BB-A9E9-0A0DAAAFF55F",
              "versionEndIncluding": "9.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An information disclosure vulnerability in meeting of Pulse Connect Secure \u003c9.1R8 allowed an authenticated end-users to find meeting details, if they know the Meeting ID."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n en la reuni\u00f3n de Pulse Connect Secure versiones anteriores a 9.1R8, permiti\u00f3 a usuarios finales autenticados encontrar detalles de la reuni\u00f3n, si conocen el ID de Reuni\u00f3n"
    }
  ],
  "id": "CVE-2020-8216",
  "lastModified": "2024-11-21T05:38:31.307",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 4.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-07-30T13:15:11.707",
  "references": [
    {
      "source": "support@hackerone.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
    }
  ],
  "sourceIdentifier": "support@hackerone.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "support@hackerone.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-11-12 16:15

Modified

2024-11-18 15:08

Severity ?

4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Summary

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to cause a denial of service.

References

▶	URL	Tags
	3c1d8aa1-5a33-4ea4-8992-aadd6440af75	https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	*
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	policy_secure	*
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "201EB882-0B2A-47DB-B517-1E72A0542B27",
              "versionEndExcluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "F788F6D9-5368-4B8E-BFA0-E8FB3CDADB01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "2927A40D-E8A3-4DB6-9C93-04A6C6035C3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "1399BBB4-E62B-4FF6-B9E3-6AAC68D4D583",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "1EAD1423-4477-4C35-BF93-697A2C0697C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.3:*:*:*:*:*:*",
              "matchCriteriaId": "858353BC-12CB-4014-BFCA-DA7B1B3DD4B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.4:*:*:*:*:*:*",
              "matchCriteriaId": "865F72BF-57B2-4B0C-BACE-3500E0AE6751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.5:*:*:*:*:*:*",
              "matchCriteriaId": "39E11407-E0C0-454F-B731-7DA4CBC696EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:*",
              "matchCriteriaId": "247E71F8-A03B-4097-B7BF-09F8BF3ED4D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "E0059C69-4A18-4153-9D9A-5C1B03AD1453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.2:*:*:*:*:*:*",
              "matchCriteriaId": "FC523C88-115E-4CD9-A8CB-AE6E6610F7D4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAD0FC91-CA1E-4DC3-A37E-1BF98906D07C",
              "versionEndExcluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "1F22B988-2585-4853-9838-AB3746C8B888",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "FD9BE8C2-43EB-4870-A4B7-267CB17A19F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "C8915BB2-C1C0-4189-A847-DDB2EF161D62",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to cause a denial of service."
    },
    {
      "lang": "es",
      "value": "Un desbordamiento de b\u00fafer basado en pila en Ivanti Connect Secure anterior a la versi\u00f3n 22.7R2.3 e Ivanti Policy Secure anterior a la versi\u00f3n 22.7R1.2 permite que un atacante remoto autenticado con privilegios de administrador provoque una denegaci\u00f3n de servicio."
    }
  ],
  "id": "CVE-2024-47905",
  "lastModified": "2024-11-18T15:08:47.280",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 4.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 3.6,
        "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 4.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-11-12T16:15:22.473",
  "references": [
    {
      "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
    }
  ],
  "sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-121"
        }
      ],
      "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-12-12 01:55

Modified

2025-07-02 20:07

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

An out-of-bounds read in IPsec of Ivanti Connect Secure before version 22.7R2.1 allows a remote unauthenticated attacker to cause a denial of service.

References

▶	URL	Tags
	support@hackerone.com	https://forums.ivanti.com/s/article/December-2024-Security-Advisory-Ivanti-Connect-Secure-ICS-and-Ivanti-Policy-Secure-IPS-Multiple-CVEs	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	*
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	policy_secure	*
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:*:-:*:*:*:*:*:*",
              "matchCriteriaId": "A0EC2FCD-5402-4269-B86A-18F8DFB8F2C9",
              "versionEndExcluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "F788F6D9-5368-4B8E-BFA0-E8FB3CDADB01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "2927A40D-E8A3-4DB6-9C93-04A6C6035C3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "1399BBB4-E62B-4FF6-B9E3-6AAC68D4D583",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "1EAD1423-4477-4C35-BF93-697A2C0697C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.3:*:*:*:*:*:*",
              "matchCriteriaId": "858353BC-12CB-4014-BFCA-DA7B1B3DD4B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.4:*:*:*:*:*:*",
              "matchCriteriaId": "865F72BF-57B2-4B0C-BACE-3500E0AE6751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.5:*:*:*:*:*:*",
              "matchCriteriaId": "39E11407-E0C0-454F-B731-7DA4CBC696EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:*",
              "matchCriteriaId": "247E71F8-A03B-4097-B7BF-09F8BF3ED4D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "E0059C69-4A18-4153-9D9A-5C1B03AD1453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.2:*:*:*:*:*:*",
              "matchCriteriaId": "FC523C88-115E-4CD9-A8CB-AE6E6610F7D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.3:*:*:*:*:*:*",
              "matchCriteriaId": "3447428E-DBCD-4553-B51D-AC08ECAFD881",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAD0FC91-CA1E-4DC3-A37E-1BF98906D07C",
              "versionEndExcluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "1F22B988-2585-4853-9838-AB3746C8B888",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "FD9BE8C2-43EB-4870-A4B7-267CB17A19F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "C8915BB2-C1C0-4189-A847-DDB2EF161D62",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An out-of-bounds read in IPsec of Ivanti Connect Secure before version 22.7R2.1 allows a remote unauthenticated attacker to cause a denial of service."
    },
    {
      "lang": "es",
      "value": "Una lectura fuera de los l\u00edmites en IPsec de Ivanti Connect Secure anterior a la versi\u00f3n 22.7R2.1 permite que un atacante remoto no autenticado provoque una denegaci\u00f3n de servicio."
    }
  ],
  "id": "CVE-2024-37401",
  "lastModified": "2025-07-02T20:07:12.820",
  "metrics": {
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "support@hackerone.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-12-12T01:55:20.820",
  "references": [
    {
      "source": "support@hackerone.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/December-2024-Security-Advisory-Ivanti-Connect-Secure-ICS-and-Ivanti-Policy-Secure-IPS-Multiple-CVEs"
    }
  ],
  "sourceIdentifier": "support@hackerone.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-09-30 18:15

Modified

2024-11-21 05:38

Severity ?

6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Summary

A vulnerability in the authenticated user web interface of Pulse Connect Secure and Pulse Policy Secure < 9.1R8.2 could allow attackers to conduct Cross-Site Scripting (XSS).

References

URL	Tags
support@hackerone.com	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44588	Vendor Advisory
support@hackerone.com	https://www.gosecure.net/blog/2020/11/13/forget-your-perimeter-part-2-four-vulnerabilities-in-pulse-connect-secure/	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44588	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.gosecure.net/blog/2020/11/13/forget-your-perimeter-part-2-four-vulnerabilities-in-pulse-connect-secure/	Exploit, Third Party Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
pulsesecure	pulse_connect_secure	*
pulsesecure	pulse_policy_secure	*

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4F450898-0B06-4073-9B76-BF22F68BD14F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "4B21C181-DC49-4EBD-9932-DBB337151FF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "4FEFC4B1-7350-46F9-80C1-42F5AE06142F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "DB7A6D62-6576-4713-9BF4-11068A72E8B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "843BC1B9-50CC-4F8F-A454-A0CEC6E92290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "D5355372-03EA-46D7-9104-A2785C29B664",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.2:*:*:*:*:*:*",
              "matchCriteriaId": "3DE32A0C-8944-4F51-A286-266055CA4B2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:*",
              "matchCriteriaId": "0349A0CC-A372-4E51-899E-D7BA67876F4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "93D1A098-BD77-4A7B-9070-A764FB435981",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "3CCC2D7B-F835-45EC-A316-2F0C5F2CF565",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AD812596-C77C-4129-982F-C22A25B52126",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8:*:*:*:*:*:*",
              "matchCriteriaId": "9FA0B20D-3FA1-42AE-BDC5-93D8A182927C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8.1:*:*:*:*:*:*",
              "matchCriteriaId": "BFFA0B02-7F6D-4434-B1E7-EB8520FD68A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "6418A649-3A63-40CC-BD7C-309B3B0B2595",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "A07B66E0-A679-4912-8CB1-CD134713EDC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "6D37A6E4-D58E-444D-AF6A-15461F38E81A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "FC2B9DA0-E32B-4125-9986-F0D3814C66E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "C9A5BA3E-D6B3-453D-8DDF-FF16859FD0F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "BAFDA618-D15D-401D-AC68-0020259FEC57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.2:*:*:*:*:*:*",
              "matchCriteriaId": "D55AB5F0-132F-4C40-BF4F-684E139B774B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.3:*:*:*:*:*:*",
              "matchCriteriaId": "26AEB02E-D2D0-4D7A-BB00-9E5112696B17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "6BE937D2-8BEE-4E64-8738-F550EAD00F50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "9C753520-1BC6-4980-AFC9-4C2FDDF2FD18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AC3863BC-3B9A-402B-A74A-149CDF717EC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r8:*:*:*:*:*:*",
              "matchCriteriaId": "E3C09D51-FDA0-4D07-87D8-F527C8CBDAFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r8.1:*:*:*:*:*:*",
              "matchCriteriaId": "CCE2E1C0-680F-4EFF-ACE6-A1DAFA209D24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "18272F7E-A9BA-4175-B6F6-F7E550D736CE",
              "versionEndIncluding": "9.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B031D2AE-70BE-48BB-A9E9-0A0DAAAFF55F",
              "versionEndIncluding": "9.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the authenticated user web interface of Pulse Connect Secure and Pulse Policy Secure \u003c 9.1R8.2 could allow attackers to conduct Cross-Site Scripting (XSS)."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la interfaz de usuario web autenticado de Pulse Connect Secure y Pulse Policy Secure versiones anteriores a 9.1R8.2, podr\u00eda permitir a atacantes llevar a cabo un ataque de tipo Cross-Site Scripting (XSS)"
    }
  ],
  "id": "CVE-2020-8238",
  "lastModified": "2024-11-21T05:38:34.047",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-09-30T18:15:28.990",
  "references": [
    {
      "source": "support@hackerone.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44588"
    },
    {
      "source": "support@hackerone.com",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.gosecure.net/blog/2020/11/13/forget-your-perimeter-part-2-four-vulnerabilities-in-pulse-connect-secure/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44588"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.gosecure.net/blog/2020/11/13/forget-your-perimeter-part-2-four-vulnerabilities-in-pulse-connect-secure/"
    }
  ],
  "sourceIdentifier": "support@hackerone.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "support@hackerone.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2025-02-21 02:15

Modified

2025-07-09 14:50

Severity ?

4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

Summary

External control of a file name in Ivanti Connect Secure before version 22.7R2.4 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticated attacker with admin privileges to write arbitrary files.

References

▶	URL	Tags
	support@hackerone.com	https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	*
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	policy_secure	*
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "201EB882-0B2A-47DB-B517-1E72A0542B27",
              "versionEndExcluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "F788F6D9-5368-4B8E-BFA0-E8FB3CDADB01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "2927A40D-E8A3-4DB6-9C93-04A6C6035C3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "1399BBB4-E62B-4FF6-B9E3-6AAC68D4D583",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "1EAD1423-4477-4C35-BF93-697A2C0697C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.3:*:*:*:*:*:*",
              "matchCriteriaId": "858353BC-12CB-4014-BFCA-DA7B1B3DD4B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.4:*:*:*:*:*:*",
              "matchCriteriaId": "865F72BF-57B2-4B0C-BACE-3500E0AE6751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.5:*:*:*:*:*:*",
              "matchCriteriaId": "39E11407-E0C0-454F-B731-7DA4CBC696EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:*",
              "matchCriteriaId": "247E71F8-A03B-4097-B7BF-09F8BF3ED4D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "E0059C69-4A18-4153-9D9A-5C1B03AD1453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.2:*:*:*:*:*:*",
              "matchCriteriaId": "FC523C88-115E-4CD9-A8CB-AE6E6610F7D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.3:*:*:*:*:*:*",
              "matchCriteriaId": "3447428E-DBCD-4553-B51D-AC08ECAFD881",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAD0FC91-CA1E-4DC3-A37E-1BF98906D07C",
              "versionEndExcluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "1F22B988-2585-4853-9838-AB3746C8B888",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "FD9BE8C2-43EB-4870-A4B7-267CB17A19F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "C8915BB2-C1C0-4189-A847-DDB2EF161D62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "8D24A8DB-D697-4C60-935D-B08EE36861CB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "External control of a file name in Ivanti Connect Secure before version 22.7R2.4 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticated attacker with admin privileges to write arbitrary files."
    },
    {
      "lang": "es",
      "value": "Control externo de un nombre de archivo en Ivanti Connect Secure antes de la versi\u00f3n 22.7r2.4 e Ivanti Policy Secure antes de la versi\u00f3n 22.7R1.3 permite que un atacante autenticado remoto con privilegios de administraci\u00f3n escriba archivos arbitrarios."
    }
  ],
  "id": "CVE-2024-38657",
  "lastModified": "2025-07-09T14:50:48.063",
  "metrics": {
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.1,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 6.0,
        "source": "support@hackerone.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-02-21T02:15:28.860",
  "references": [
    {
      "source": "support@hackerone.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
    }
  ],
  "sourceIdentifier": "support@hackerone.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-73"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-07-30 13:15

Modified

2024-11-21 05:38

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

Summary

A denial of service vulnerability exists in Pulse Connect Secure <9.1R8 that allows an authenticated attacker to perform command injection via the administrator web which can cause DOS.

References

▶	URL	Tags
	support@hackerone.com	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
pulsesecure	pulse_connect_secure	*
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
pulsesecure	pulse_policy_secure	*

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4F450898-0B06-4073-9B76-BF22F68BD14F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "4B21C181-DC49-4EBD-9932-DBB337151FF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "4FEFC4B1-7350-46F9-80C1-42F5AE06142F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "DB7A6D62-6576-4713-9BF4-11068A72E8B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "843BC1B9-50CC-4F8F-A454-A0CEC6E92290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "D5355372-03EA-46D7-9104-A2785C29B664",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.2:*:*:*:*:*:*",
              "matchCriteriaId": "3DE32A0C-8944-4F51-A286-266055CA4B2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:*",
              "matchCriteriaId": "0349A0CC-A372-4E51-899E-D7BA67876F4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "93D1A098-BD77-4A7B-9070-A764FB435981",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "3CCC2D7B-F835-45EC-A316-2F0C5F2CF565",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AD812596-C77C-4129-982F-C22A25B52126",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "18272F7E-A9BA-4175-B6F6-F7E550D736CE",
              "versionEndIncluding": "9.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "6418A649-3A63-40CC-BD7C-309B3B0B2595",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "A07B66E0-A679-4912-8CB1-CD134713EDC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "6D37A6E4-D58E-444D-AF6A-15461F38E81A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "FC2B9DA0-E32B-4125-9986-F0D3814C66E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3.1:*:*:*:*:*:*",
              "matchCriteriaId": "38A0D7CF-7D55-4933-AE8C-36006D6779E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "C9A5BA3E-D6B3-453D-8DDF-FF16859FD0F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "BAFDA618-D15D-401D-AC68-0020259FEC57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.2:*:*:*:*:*:*",
              "matchCriteriaId": "D55AB5F0-132F-4C40-BF4F-684E139B774B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "6BE937D2-8BEE-4E64-8738-F550EAD00F50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "9C753520-1BC6-4980-AFC9-4C2FDDF2FD18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AC3863BC-3B9A-402B-A74A-149CDF717EC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B031D2AE-70BE-48BB-A9E9-0A0DAAAFF55F",
              "versionEndIncluding": "9.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A denial of service vulnerability exists in Pulse Connect Secure \u003c9.1R8 that allows an authenticated attacker to perform command injection via the administrator web which can cause DOS."
    },
    {
      "lang": "es",
      "value": "Se presenta una vulnerabilidad denegaci\u00f3n de servicio en Pulse Connect Secure versiones anteriores a 9.1R8, que permite a un atacante autenticado llevar a cabo una inyecci\u00f3n de comandos por medio de la web del administrador que puede causar una DOS"
    }
  ],
  "id": "CVE-2020-8220",
  "lastModified": "2024-11-21T05:38:31.800",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.5,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-07-30T13:15:11.987",
  "references": [
    {
      "source": "support@hackerone.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
    }
  ],
  "sourceIdentifier": "support@hackerone.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "support@hackerone.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2025-02-11 16:15

Modified

2025-02-20 15:55

Severity ?

6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Summary

A hardcoded key in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.3 allows a local authenticated attacker with admin privileges to read sensitive data.

References

▶	URL	Tags
	3c1d8aa1-5a33-4ea4-8992-aadd6440af75	https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	*
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	policy_secure	*
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "82432B1B-F50E-4D85-B4B5-6C91923F1BF9",
              "versionEndIncluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "2927A40D-E8A3-4DB6-9C93-04A6C6035C3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "1399BBB4-E62B-4FF6-B9E3-6AAC68D4D583",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "1EAD1423-4477-4C35-BF93-697A2C0697C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.3:*:*:*:*:*:*",
              "matchCriteriaId": "858353BC-12CB-4014-BFCA-DA7B1B3DD4B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.4:*:*:*:*:*:*",
              "matchCriteriaId": "865F72BF-57B2-4B0C-BACE-3500E0AE6751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.5:*:*:*:*:*:*",
              "matchCriteriaId": "39E11407-E0C0-454F-B731-7DA4CBC696EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:*",
              "matchCriteriaId": "247E71F8-A03B-4097-B7BF-09F8BF3ED4D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "E0059C69-4A18-4153-9D9A-5C1B03AD1453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.2:*:*:*:*:*:*",
              "matchCriteriaId": "FC523C88-115E-4CD9-A8CB-AE6E6610F7D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA65DC97-7E46-4C59-B8D4-E4EB4EDCD735",
              "versionEndIncluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "FD9BE8C2-43EB-4870-A4B7-267CB17A19F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "C8915BB2-C1C0-4189-A847-DDB2EF161D62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "8D24A8DB-D697-4C60-935D-B08EE36861CB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A hardcoded key in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.3 allows a local authenticated attacker with admin privileges to read sensitive data."
    },
    {
      "lang": "es",
      "value": "Una clave codificada en Ivanti Connect Secure anterior a la versi\u00f3n 22.7R2.3 y en Ivanti Policy Secure anterior a la versi\u00f3n 22.7R1.3 permite que un atacante local autenticado con privilegios de administrador lea datos confidenciales."
    }
  ],
  "id": "CVE-2024-13842",
  "lastModified": "2025-02-20T15:55:29.770",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 6.0,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.5,
        "impactScore": 4.0,
        "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 4.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-02-11T16:15:39.513",
  "references": [
    {
      "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
    }
  ],
  "sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-321"
        }
      ],
      "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2025-01-08 23:15

Modified

2025-03-17 19:24

Severity ?

9.0 (Critical) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
9.0 (Critical) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Summary

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a remote unauthenticated attacker to achieve remote code execution.

References

URL	Tags
3c1d8aa1-5a33-4ea4-8992-aadd6440af75	https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-0282-CVE-2025-0283	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://cloud.google.com/blog/topics/threat-intelligence/ivanti-connect-secure-vpn-zero-day	Exploit, Technical Description
af854a3a-2127-422b-91ae-364da2661108	https://www.cisa.gov/cisa-mitigation-instructions-cve-2025-0282	Third Party Advisory, US Government Resource
134c704f-9b21-4f2e-91b3-4a467353bcc0	https://github.com/sfewer-r7/CVE-2025-0282	Exploit
134c704f-9b21-4f2e-91b3-4a467353bcc0	https://labs.watchtowr.com/exploitation-walkthrough-and-techniques-ivanti-connect-secure-rce-cve-2025-0282/	Exploit, Third Party Advisory
134c704f-9b21-4f2e-91b3-4a467353bcc0	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2025-0282	Third Party Advisory, US Government Resource

Impacted products

Vendor	Product	Version
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	neurons_for_zero-trust_access	22.7
ivanti	neurons_for_zero-trust_access	22.7
ivanti	neurons_for_zero-trust_access	22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7

To clipboard

{
  "cisaActionDue": "2025-01-15",
  "cisaExploitAdd": "2025-01-08",
  "cisaRequiredAction": "Apply mitigations as set forth in the CISA instructions linked below to include conducting hunt activities, taking remediation actions if applicable, and applying updates prior to returning a device to service.",
  "cisaVulnerabilityName": "Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:*",
              "matchCriteriaId": "247E71F8-A03B-4097-B7BF-09F8BF3ED4D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "E0059C69-4A18-4153-9D9A-5C1B03AD1453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.2:*:*:*:*:*:*",
              "matchCriteriaId": "FC523C88-115E-4CD9-A8CB-AE6E6610F7D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.3:*:*:*:*:*:*",
              "matchCriteriaId": "3447428E-DBCD-4553-B51D-AC08ECAFD881",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.4:*:*:*:*:*:*",
              "matchCriteriaId": "A08BAF98-7F05-4596-8BFC-91F1A79D3BD1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.7:r2:*:*:*:*:*:*",
              "matchCriteriaId": "67D43D1D-564D-4ACD-B0FF-3828B95E9864",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.7:r2.2:*:*:*:*:*:*",
              "matchCriteriaId": "BC8480E0-17C0-4590-950F-D3954E735365",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.7:r2.3:*:*:*:*:*:*",
              "matchCriteriaId": "3FAF4FB0-A88C-4A87-B6CB-32EF7B415885",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "FD9BE8C2-43EB-4870-A4B7-267CB17A19F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "C8915BB2-C1C0-4189-A847-DDB2EF161D62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "8D24A8DB-D697-4C60-935D-B08EE36861CB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a remote unauthenticated attacker to achieve remote code execution."
    },
    {
      "lang": "es",
      "value": "Un desbordamiento de b\u00fafer basado en pila en Ivanti Connect Secure anterior a la versi\u00f3n 22.7R2.5, Ivanti Policy Secure anterior a la versi\u00f3n 22.7R1.2 e Ivanti Neurons para puertas de enlace ZTA anteriores a la versi\u00f3n 22.7R2.3 permite que un atacante remoto no autenticado logre la ejecuci\u00f3n remota de c\u00f3digo."
    }
  ],
  "id": "CVE-2025-0282",
  "lastModified": "2025-03-17T19:24:45.253",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.0,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 6.0,
        "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.0,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 6.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-01-08T23:15:09.763",
  "references": [
    {
      "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-0282-CVE-2025-0283"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Technical Description"
      ],
      "url": "https://cloud.google.com/blog/topics/threat-intelligence/ivanti-connect-secure-vpn-zero-day"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.cisa.gov/cisa-mitigation-instructions-cve-2025-0282"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "Exploit"
      ],
      "url": "https://github.com/sfewer-r7/CVE-2025-0282"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://labs.watchtowr.com/exploitation-walkthrough-and-techniques-ivanti-connect-secure-rce-cve-2025-0282/"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2025-0282"
    }
  ],
  "sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-121"
        }
      ],
      "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2025-07-08 15:15

Modified

2025-07-15 13:10

Severity ?

4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Summary

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a remote authenticated attacker with admin rights to trigger a denial of service.

References

▶	URL	Tags
	3c1d8aa1-5a33-4ea4-8992-aadd6440af75	https://forums.ivanti.com/s/article/July-Security-Advisory-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Multiple-CVEs	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	*
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	policy_secure	*
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:*:-:*:*:*:*:*:*",
              "matchCriteriaId": "A0EC2FCD-5402-4269-B86A-18F8DFB8F2C9",
              "versionEndExcluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "F788F6D9-5368-4B8E-BFA0-E8FB3CDADB01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "2927A40D-E8A3-4DB6-9C93-04A6C6035C3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "1399BBB4-E62B-4FF6-B9E3-6AAC68D4D583",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "1EAD1423-4477-4C35-BF93-697A2C0697C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.3:*:*:*:*:*:*",
              "matchCriteriaId": "858353BC-12CB-4014-BFCA-DA7B1B3DD4B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.4:*:*:*:*:*:*",
              "matchCriteriaId": "865F72BF-57B2-4B0C-BACE-3500E0AE6751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.5:*:*:*:*:*:*",
              "matchCriteriaId": "39E11407-E0C0-454F-B731-7DA4CBC696EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:*",
              "matchCriteriaId": "247E71F8-A03B-4097-B7BF-09F8BF3ED4D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "E0059C69-4A18-4153-9D9A-5C1B03AD1453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.2:*:*:*:*:*:*",
              "matchCriteriaId": "FC523C88-115E-4CD9-A8CB-AE6E6610F7D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.3:*:*:*:*:*:*",
              "matchCriteriaId": "3447428E-DBCD-4553-B51D-AC08ECAFD881",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.4:*:*:*:*:*:*",
              "matchCriteriaId": "A08BAF98-7F05-4596-8BFC-91F1A79D3BD1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.5:*:*:*:*:*:*",
              "matchCriteriaId": "40717D97-A062-49C4-B105-C22AAC3A206A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.6:*:*:*:*:*:*",
              "matchCriteriaId": "C3019D80-C578-437E-A304-F49F1AEC24F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.7:*:*:*:*:*:*",
              "matchCriteriaId": "A2EFC001-63D4-4FD0-8E14-C5A1C9E3BF9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAD0FC91-CA1E-4DC3-A37E-1BF98906D07C",
              "versionEndExcluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "1F22B988-2585-4853-9838-AB3746C8B888",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "FD9BE8C2-43EB-4870-A4B7-267CB17A19F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "C8915BB2-C1C0-4189-A847-DDB2EF161D62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "8D24A8DB-D697-4C60-935D-B08EE36861CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.3:*:*:*:*:*:*",
              "matchCriteriaId": "4C12D325-77E1-4873-8A77-D76F4A73BCF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.4:*:*:*:*:*:*",
              "matchCriteriaId": "95E4AE0D-614C-4300-9ADB-8442EF9A84C5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a remote authenticated attacker with admin rights to trigger a denial of service."
    },
    {
      "lang": "es",
      "value": "Un desbordamiento de b\u00fafer basado en pila en Ivanti Connect Secure anterior a la versi\u00f3n 22.7R2.8 e Ivanti Policy Secure anterior a la versi\u00f3n 22.7R1.5 permite que un atacante remoto autenticado con derechos de administrador active una denegaci\u00f3n de servicio."
    }
  ],
  "id": "CVE-2025-5451",
  "lastModified": "2025-07-15T13:10:56.463",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 4.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 3.6,
        "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-07-08T15:15:31.817",
  "references": [
    {
      "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/July-Security-Advisory-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Multiple-CVEs"
    }
  ],
  "sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-121"
        }
      ],
      "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-11-12 16:15

Modified

2024-11-18 15:09

Severity ?

4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Summary

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to cause a denial of service.

References

▶	URL	Tags
	3c1d8aa1-5a33-4ea4-8992-aadd6440af75	https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	*
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	policy_secure	*
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "201EB882-0B2A-47DB-B517-1E72A0542B27",
              "versionEndExcluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "F788F6D9-5368-4B8E-BFA0-E8FB3CDADB01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "2927A40D-E8A3-4DB6-9C93-04A6C6035C3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "1399BBB4-E62B-4FF6-B9E3-6AAC68D4D583",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "1EAD1423-4477-4C35-BF93-697A2C0697C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.3:*:*:*:*:*:*",
              "matchCriteriaId": "858353BC-12CB-4014-BFCA-DA7B1B3DD4B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.4:*:*:*:*:*:*",
              "matchCriteriaId": "865F72BF-57B2-4B0C-BACE-3500E0AE6751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.5:*:*:*:*:*:*",
              "matchCriteriaId": "39E11407-E0C0-454F-B731-7DA4CBC696EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:*",
              "matchCriteriaId": "247E71F8-A03B-4097-B7BF-09F8BF3ED4D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "E0059C69-4A18-4153-9D9A-5C1B03AD1453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.2:*:*:*:*:*:*",
              "matchCriteriaId": "FC523C88-115E-4CD9-A8CB-AE6E6610F7D4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAD0FC91-CA1E-4DC3-A37E-1BF98906D07C",
              "versionEndExcluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "1F22B988-2585-4853-9838-AB3746C8B888",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "FD9BE8C2-43EB-4870-A4B7-267CB17A19F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "C8915BB2-C1C0-4189-A847-DDB2EF161D62",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to cause a denial of service."
    },
    {
      "lang": "es",
      "value": "Un desbordamiento de b\u00fafer basado en pila en Ivanti Connect Secure anterior a la versi\u00f3n 22.7R2.3 e Ivanti Policy Secure anterior a la versi\u00f3n 22.7R1.2 permite que un atacante remoto autenticado con privilegios de administrador provoque una denegaci\u00f3n de servicio."
    }
  ],
  "id": "CVE-2024-47909",
  "lastModified": "2024-11-18T15:09:45.750",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 4.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 3.6,
        "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 4.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-11-12T16:15:23.080",
  "references": [
    {
      "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
    }
  ],
  "sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-121"
        }
      ],
      "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-07-30 13:15

Modified

2024-11-21 05:38

Severity ?

5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Summary

A cross site scripting (XSS) vulnerability in Pulse Connect Secure <9.1R8 allowed attackers to exploit in the URL used for Citrix ICA.

References

▶	URL	Tags
	support@hackerone.com	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
pulsesecure	pulse_connect_secure	*
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
pulsesecure	pulse_policy_secure	*

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4F450898-0B06-4073-9B76-BF22F68BD14F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "4B21C181-DC49-4EBD-9932-DBB337151FF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "4FEFC4B1-7350-46F9-80C1-42F5AE06142F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "DB7A6D62-6576-4713-9BF4-11068A72E8B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "843BC1B9-50CC-4F8F-A454-A0CEC6E92290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "D5355372-03EA-46D7-9104-A2785C29B664",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.2:*:*:*:*:*:*",
              "matchCriteriaId": "3DE32A0C-8944-4F51-A286-266055CA4B2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:*",
              "matchCriteriaId": "0349A0CC-A372-4E51-899E-D7BA67876F4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "93D1A098-BD77-4A7B-9070-A764FB435981",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "3CCC2D7B-F835-45EC-A316-2F0C5F2CF565",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AD812596-C77C-4129-982F-C22A25B52126",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "18272F7E-A9BA-4175-B6F6-F7E550D736CE",
              "versionEndIncluding": "9.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "6418A649-3A63-40CC-BD7C-309B3B0B2595",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "A07B66E0-A679-4912-8CB1-CD134713EDC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "6D37A6E4-D58E-444D-AF6A-15461F38E81A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "FC2B9DA0-E32B-4125-9986-F0D3814C66E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3.1:*:*:*:*:*:*",
              "matchCriteriaId": "38A0D7CF-7D55-4933-AE8C-36006D6779E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "C9A5BA3E-D6B3-453D-8DDF-FF16859FD0F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "BAFDA618-D15D-401D-AC68-0020259FEC57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.2:*:*:*:*:*:*",
              "matchCriteriaId": "D55AB5F0-132F-4C40-BF4F-684E139B774B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "6BE937D2-8BEE-4E64-8738-F550EAD00F50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "9C753520-1BC6-4980-AFC9-4C2FDDF2FD18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AC3863BC-3B9A-402B-A74A-149CDF717EC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B031D2AE-70BE-48BB-A9E9-0A0DAAAFF55F",
              "versionEndIncluding": "9.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A cross site scripting (XSS) vulnerability in Pulse Connect Secure \u003c9.1R8 allowed attackers to exploit in the URL used for Citrix ICA."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de tipo cross site scripting (XSS) en Pulse Connect Secure versiones anteriores a 9.1R8, permiti\u00f3 a atacantes explotar en la URL usada por Citrix ICA"
    }
  ],
  "id": "CVE-2020-8217",
  "lastModified": "2024-11-21T05:38:31.430",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 3.5,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-07-30T13:15:11.783",
  "references": [
    {
      "source": "support@hackerone.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
    }
  ],
  "sourceIdentifier": "support@hackerone.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "support@hackerone.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-04-04 20:15

Modified

2024-11-21 08:55

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Summary

An XML entity expansion or XEE vulnerability in SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated attacker to send specially crafted XML requests in-order-to temporarily cause resource exhaustion thereby resulting in a limited-time DoS.

References

▶	URL	Tags
	support@hackerone.com	https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	22.1
ivanti	connect_secure	22.2
ivanti	connect_secure	22.3
ivanti	connect_secure	22.4
ivanti	connect_secure	22.5
ivanti	connect_secure	22.6
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	22.1
ivanti	policy_secure	22.2
ivanti	policy_secure	22.3
ivanti	policy_secure	22.4
ivanti	policy_secure	22.5
ivanti	policy_secure	22.6

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "4B21C181-DC49-4EBD-9932-DBB337151FF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r10:*:*:*:*:*:*",
              "matchCriteriaId": "5A3A93FE-41BF-43F2-9EFC-89656182329F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11:*:*:*:*:*:*",
              "matchCriteriaId": "8D5F47BA-DE6D-443D-95C3-A45F80EDC71E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.5:*:*:*:*:*:*",
              "matchCriteriaId": "2DDDA231-2A5E-4C70-8620-535C7F9027A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r12:*:*:*:*:*:*",
              "matchCriteriaId": "32E0B425-A9BA-4D00-84A9-46268072D696",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r13:*:*:*:*:*:*",
              "matchCriteriaId": "65435A96-EF7A-439A-AA6C-CB7EAEF0A963",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r14:*:*:lts:*:*:*",
              "matchCriteriaId": "4F06BC30-D62D-4A8F-8279-69C1A4A77357",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r15:*:*:*:*:*:*",
              "matchCriteriaId": "CE228FBD-5AD1-4BC6-AF63-5248E671B04F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r16:*:*:*:*:*:*",
              "matchCriteriaId": "44C26423-8621-4F6D-A45B-0A6B6E873AB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r17:*:*:*:*:*:*",
              "matchCriteriaId": "DB6CEA16-F422-48F1-9473-3931B1BFA63F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r18:*:*:*:*:*:*",
              "matchCriteriaId": "28FDE909-711C-41EC-8BA6-AC4DE05EA27E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "4FEFC4B1-7350-46F9-80C1-42F5AE06142F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "DB7A6D62-6576-4713-9BF4-11068A72E8B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "843BC1B9-50CC-4F8F-A454-A0CEC6E92290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "D5355372-03EA-46D7-9104-A2785C29B664",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.2:*:*:*:*:*:*",
              "matchCriteriaId": "3DE32A0C-8944-4F51-A286-266055CA4B2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:*",
              "matchCriteriaId": "0349A0CC-A372-4E51-899E-D7BA67876F4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "93D1A098-BD77-4A7B-9070-A764FB435981",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "3CCC2D7B-F835-45EC-A316-2F0C5F2CF565",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AD812596-C77C-4129-982F-C22A25B52126",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8:*:*:*:*:*:*",
              "matchCriteriaId": "9FA0B20D-3FA1-42AE-BDC5-93D8A182927C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r9:*:*:*:*:*:*",
              "matchCriteriaId": "16DAA769-8F0D-4C54-A8D9-9902995605B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FCEFEAE-2A69-4B54-B59F-207E182587B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "03E34306-6D29-44FF-914C-F56A0BDB9BE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "72229EFD-B5F2-4EFA-9B62-8CB30767E9A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1FDDA64-2FFB-424B-84C3-5D12B023BEE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF23F7CD-2A2F-4074-9711-7AF001D27693",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DCED84C-D9C4-4863-8323-721C3009046E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "AFE8DB4A-9891-4647-82E2-EB5D377CAD25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r1:*:*:*:*:*:*",
              "matchCriteriaId": "26B25B34-7BD0-471B-A396-45CE5420E963",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r2:*:*:*:*:*:*",
              "matchCriteriaId": "AA514C05-2834-4C7B-B022-02B41C9AAD6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "0929C645-DACB-4341-9032-7C79FFC8BCF0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r3:*:*:*:*:*:*",
              "matchCriteriaId": "0D36CB5A-8389-4F2F-882A-4E8F30028799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r3.1:*:*:*:*:*:*",
              "matchCriteriaId": "517DA74B-9D69-45E1-A707-A08A305A507C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r4:*:*:*:*:*:*",
              "matchCriteriaId": "F72C00C7-017C-4C25-99B0-D7D42D969E92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "6418A649-3A63-40CC-BD7C-309B3B0B2595",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "A07B66E0-A679-4912-8CB1-CD134713EDC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r10:*:*:*:*:*:*",
              "matchCriteriaId": "BF767F07-2E9F-4099-829D-2F70E85D8A35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r11:*:*:*:*:*:*",
              "matchCriteriaId": "B994E22B-8FA5-4510-82F6-7820BDA7C307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r12:*:*:*:*:*:*",
              "matchCriteriaId": "FE5C4ABC-2BEB-4741-95B3-303903369818",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r13:*:*:*:*:*:*",
              "matchCriteriaId": "D50C5526-F791-4C76-B5C0-DA2E1281C9E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r14:*:*:*:*:*:*",
              "matchCriteriaId": "7A53C031-E7A5-47B6-BA4A-DD28432E743F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r15:*:*:*:*:*:*",
              "matchCriteriaId": "4BEE355B-1C2D-4BEB-8922-EAEAA5A1FAE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r16:*:*:*:*:*:*",
              "matchCriteriaId": "B90687F3-A5C1-4706-AD66-D78EE512E4C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r17:*:*:*:*:*:*",
              "matchCriteriaId": "D10A3F2D-6A62-4A48-93FB-274527C821D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r18:*:*:*:*:*:*",
              "matchCriteriaId": "811C7E7E-89AB-47DF-BACD-ED478DF756BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "6D37A6E4-D58E-444D-AF6A-15461F38E81A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "FC2B9DA0-E32B-4125-9986-F0D3814C66E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "C9A5BA3E-D6B3-453D-8DDF-FF16859FD0F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "6BE937D2-8BEE-4E64-8738-F550EAD00F50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "9C753520-1BC6-4980-AFC9-4C2FDDF2FD18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AC3863BC-3B9A-402B-A74A-149CDF717EC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r8:*:*:*:*:*:*",
              "matchCriteriaId": "E3C09D51-FDA0-4D07-87D8-F527C8CBDAFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r9:*:*:*:*:*:*",
              "matchCriteriaId": "092DA2A3-5CEF-433F-8E5B-4850E4095CC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "943AE706-D105-4F10-9CEE-DFED2B398BE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "97BA5833-4D1C-49FE-AED1-C05739C70D9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF784115-7006-49AE-96B9-E983936733B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F070F30-4AFE-4A02-843D-702F08F29630",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BC6B43E-6BBF-421A-9F9C-41FEBA72712B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "EED7C69C-6F3E-442E-BEBE-57E14AA2165F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An XML entity expansion or XEE vulnerability in SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated attacker to send specially crafted XML requests in-order-to temporarily cause resource exhaustion thereby resulting in a limited-time DoS. "
    },
    {
      "lang": "es",
      "value": "Una expansi\u00f3n de entidad XML o vulnerabilidad XEE en el componente SAML de Ivanti Connect Secure (9.x, 22.x) e Ivanti Policy Secure permite que un atacante no autenticado env\u00ede solicitudes XML especialmente manipuladas para causar temporalmente el agotamiento de los recursos, lo que resulta en una DoS por tiempo limitado."
    }
  ],
  "id": "CVE-2024-22023",
  "lastModified": "2024-11-21T08:55:25.000",
  "metrics": {
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "support@hackerone.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-04-04T20:15:08.130",
  "references": [
    {
      "source": "support@hackerone.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US"
    }
  ],
  "sourceIdentifier": "support@hackerone.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-476"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-703"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2025-07-08 15:15

Modified

2025-07-15 13:04

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Summary

Insertion of sensitive information into a log file in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a local authenticated attacker to obtain that information.

References

▶	URL	Tags
	3c1d8aa1-5a33-4ea4-8992-aadd6440af75	https://forums.ivanti.com/s/article/July-Security-Advisory-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Multiple-CVEs	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	*
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	policy_secure	*
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "201EB882-0B2A-47DB-B517-1E72A0542B27",
              "versionEndExcluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "F788F6D9-5368-4B8E-BFA0-E8FB3CDADB01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "2927A40D-E8A3-4DB6-9C93-04A6C6035C3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "1399BBB4-E62B-4FF6-B9E3-6AAC68D4D583",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "1EAD1423-4477-4C35-BF93-697A2C0697C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.3:*:*:*:*:*:*",
              "matchCriteriaId": "858353BC-12CB-4014-BFCA-DA7B1B3DD4B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.4:*:*:*:*:*:*",
              "matchCriteriaId": "865F72BF-57B2-4B0C-BACE-3500E0AE6751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.5:*:*:*:*:*:*",
              "matchCriteriaId": "39E11407-E0C0-454F-B731-7DA4CBC696EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:*",
              "matchCriteriaId": "247E71F8-A03B-4097-B7BF-09F8BF3ED4D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "E0059C69-4A18-4153-9D9A-5C1B03AD1453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.2:*:*:*:*:*:*",
              "matchCriteriaId": "FC523C88-115E-4CD9-A8CB-AE6E6610F7D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.3:*:*:*:*:*:*",
              "matchCriteriaId": "3447428E-DBCD-4553-B51D-AC08ECAFD881",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.4:*:*:*:*:*:*",
              "matchCriteriaId": "A08BAF98-7F05-4596-8BFC-91F1A79D3BD1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.5:*:*:*:*:*:*",
              "matchCriteriaId": "40717D97-A062-49C4-B105-C22AAC3A206A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.6:*:*:*:*:*:*",
              "matchCriteriaId": "C3019D80-C578-437E-A304-F49F1AEC24F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.7:*:*:*:*:*:*",
              "matchCriteriaId": "A2EFC001-63D4-4FD0-8E14-C5A1C9E3BF9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAD0FC91-CA1E-4DC3-A37E-1BF98906D07C",
              "versionEndExcluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "1F22B988-2585-4853-9838-AB3746C8B888",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "FD9BE8C2-43EB-4870-A4B7-267CB17A19F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "C8915BB2-C1C0-4189-A847-DDB2EF161D62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "8D24A8DB-D697-4C60-935D-B08EE36861CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.3:*:*:*:*:*:*",
              "matchCriteriaId": "4C12D325-77E1-4873-8A77-D76F4A73BCF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.4:*:*:*:*:*:*",
              "matchCriteriaId": "95E4AE0D-614C-4300-9ADB-8442EF9A84C5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Insertion of sensitive information into a log file in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a local authenticated attacker to obtain that information."
    },
    {
      "lang": "es",
      "value": "La inserci\u00f3n de informaci\u00f3n confidencial en un archivo de registro en Ivanti Connect Secure anterior a la versi\u00f3n 22.7R2.8 e Ivanti Policy Secure anterior a la versi\u00f3n 22.7R1.5 permite que un atacante local autenticado obtenga esa informaci\u00f3n."
    }
  ],
  "id": "CVE-2025-5463",
  "lastModified": "2025-07-15T13:04:57.140",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-07-08T15:15:32.010",
  "references": [
    {
      "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/July-Security-Advisory-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Multiple-CVEs"
    }
  ],
  "sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-532"
        }
      ],
      "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-11-12 17:15

Modified

2025-01-17 20:05

Severity ?

6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Summary

Reflected XSS in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure before version 22.7R1.1 allows a remote unauthenticated attacker to obtain admin privileges. User interaction is required.

References

▶	URL	Tags
	3c1d8aa1-5a33-4ea4-8992-aadd6440af75	https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	*
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	policy_secure	*
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "201EB882-0B2A-47DB-B517-1E72A0542B27",
              "versionEndExcluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "F788F6D9-5368-4B8E-BFA0-E8FB3CDADB01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "2927A40D-E8A3-4DB6-9C93-04A6C6035C3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "1399BBB4-E62B-4FF6-B9E3-6AAC68D4D583",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "1EAD1423-4477-4C35-BF93-697A2C0697C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.3:*:*:*:*:*:*",
              "matchCriteriaId": "858353BC-12CB-4014-BFCA-DA7B1B3DD4B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.4:*:*:*:*:*:*",
              "matchCriteriaId": "865F72BF-57B2-4B0C-BACE-3500E0AE6751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.5:*:*:*:*:*:*",
              "matchCriteriaId": "39E11407-E0C0-454F-B731-7DA4CBC696EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:*",
              "matchCriteriaId": "247E71F8-A03B-4097-B7BF-09F8BF3ED4D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAD0FC91-CA1E-4DC3-A37E-1BF98906D07C",
              "versionEndExcluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "1F22B988-2585-4853-9838-AB3746C8B888",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "FD9BE8C2-43EB-4870-A4B7-267CB17A19F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Reflected XSS in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure before version 22.7R1.1 allows a remote unauthenticated attacker to obtain admin privileges. User interaction is required."
    },
    {
      "lang": "es",
      "value": "El XSS reflejado en Ivanti Connect Secure anterior a la versi\u00f3n 22.7R2.1 y en Ivanti Policy Secure anterior a la versi\u00f3n 22.7R1.1 permite que un atacante remoto no autenticado obtenga privilegios de administrador. Se requiere la interacci\u00f3n del usuario."
    }
  ],
  "id": "CVE-2024-11004",
  "lastModified": "2025-01-17T20:05:17.653",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-11-12T17:15:06.943",
  "references": [
    {
      "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
    }
  ],
  "sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-11-13 02:15

Modified

2025-07-11 13:54

Severity ?

9.1 (Critical) - CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Summary

Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti Policy Secure before version 22.7R1.1 allows a remote authenticated attacker with admin privileges to achieve remote code execution.

References

▶	URL	Tags
	support@hackerone.com	https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	*
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	policy_secure	*
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "201EB882-0B2A-47DB-B517-1E72A0542B27",
              "versionEndExcluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "F788F6D9-5368-4B8E-BFA0-E8FB3CDADB01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "2927A40D-E8A3-4DB6-9C93-04A6C6035C3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "1399BBB4-E62B-4FF6-B9E3-6AAC68D4D583",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "1EAD1423-4477-4C35-BF93-697A2C0697C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.3:*:*:*:*:*:*",
              "matchCriteriaId": "858353BC-12CB-4014-BFCA-DA7B1B3DD4B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.4:*:*:*:*:*:*",
              "matchCriteriaId": "865F72BF-57B2-4B0C-BACE-3500E0AE6751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.5:*:*:*:*:*:*",
              "matchCriteriaId": "39E11407-E0C0-454F-B731-7DA4CBC696EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:*",
              "matchCriteriaId": "247E71F8-A03B-4097-B7BF-09F8BF3ED4D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "E0059C69-4A18-4153-9D9A-5C1B03AD1453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.2:*:*:*:*:*:*",
              "matchCriteriaId": "FC523C88-115E-4CD9-A8CB-AE6E6610F7D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAD0FC91-CA1E-4DC3-A37E-1BF98906D07C",
              "versionEndExcluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "1F22B988-2585-4853-9838-AB3746C8B888",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "FD9BE8C2-43EB-4870-A4B7-267CB17A19F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "C8915BB2-C1C0-4189-A847-DDB2EF161D62",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti Policy Secure before version 22.7R1.1 allows a remote authenticated attacker with admin privileges to achieve remote code execution."
    },
    {
      "lang": "es",
      "value": "La inyecci\u00f3n de argumentos en Ivanti Connect Secure anterior a la versi\u00f3n 22.7R2 y 9.1R18.7 y en Ivanti Policy Secure anterior a la versi\u00f3n 22.7R1.1 permite que un atacante remoto autenticado con privilegios de administrador logre la ejecuci\u00f3n remota de c\u00f3digo."
    }
  ],
  "id": "CVE-2024-39710",
  "lastModified": "2025-07-11T13:54:06.847",
  "metrics": {
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.1,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 6.0,
        "source": "support@hackerone.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-11-13T02:15:19.150",
  "references": [
    {
      "source": "support@hackerone.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
    }
  ],
  "sourceIdentifier": "support@hackerone.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-88"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2025-07-08 16:15

Modified

2025-07-15 12:55

Severity ?

5.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Summary

SSRF in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a remote authenticated attacker with admin rights to access internal network services.

References

▶	URL	Tags
	3c1d8aa1-5a33-4ea4-8992-aadd6440af75	https://forums.ivanti.com/s/article/July-Security-Advisory-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Multiple-CVEs	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	*
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	policy_secure	*
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "201EB882-0B2A-47DB-B517-1E72A0542B27",
              "versionEndExcluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "F788F6D9-5368-4B8E-BFA0-E8FB3CDADB01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "2927A40D-E8A3-4DB6-9C93-04A6C6035C3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "1399BBB4-E62B-4FF6-B9E3-6AAC68D4D583",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "1EAD1423-4477-4C35-BF93-697A2C0697C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.3:*:*:*:*:*:*",
              "matchCriteriaId": "858353BC-12CB-4014-BFCA-DA7B1B3DD4B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.4:*:*:*:*:*:*",
              "matchCriteriaId": "865F72BF-57B2-4B0C-BACE-3500E0AE6751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.5:*:*:*:*:*:*",
              "matchCriteriaId": "39E11407-E0C0-454F-B731-7DA4CBC696EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:*",
              "matchCriteriaId": "247E71F8-A03B-4097-B7BF-09F8BF3ED4D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "E0059C69-4A18-4153-9D9A-5C1B03AD1453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.2:*:*:*:*:*:*",
              "matchCriteriaId": "FC523C88-115E-4CD9-A8CB-AE6E6610F7D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.3:*:*:*:*:*:*",
              "matchCriteriaId": "3447428E-DBCD-4553-B51D-AC08ECAFD881",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.4:*:*:*:*:*:*",
              "matchCriteriaId": "A08BAF98-7F05-4596-8BFC-91F1A79D3BD1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.5:*:*:*:*:*:*",
              "matchCriteriaId": "40717D97-A062-49C4-B105-C22AAC3A206A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.6:*:*:*:*:*:*",
              "matchCriteriaId": "C3019D80-C578-437E-A304-F49F1AEC24F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.7:*:*:*:*:*:*",
              "matchCriteriaId": "A2EFC001-63D4-4FD0-8E14-C5A1C9E3BF9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAD0FC91-CA1E-4DC3-A37E-1BF98906D07C",
              "versionEndExcluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "1F22B988-2585-4853-9838-AB3746C8B888",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "FD9BE8C2-43EB-4870-A4B7-267CB17A19F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "C8915BB2-C1C0-4189-A847-DDB2EF161D62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "8D24A8DB-D697-4C60-935D-B08EE36861CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.3:*:*:*:*:*:*",
              "matchCriteriaId": "4C12D325-77E1-4873-8A77-D76F4A73BCF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.4:*:*:*:*:*:*",
              "matchCriteriaId": "95E4AE0D-614C-4300-9ADB-8442EF9A84C5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "SSRF in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a remote authenticated attacker with admin rights to access internal network services."
    },
    {
      "lang": "es",
      "value": "SSRF en Ivanti Connect Secure anterior a la versi\u00f3n 22.7R2.8 y Ivanti Policy Secure anterior a la versi\u00f3n 22.7R1.5 permite que un atacante remoto autenticado con derechos de administrador acceda a los servicios de red internos."
    }
  ],
  "id": "CVE-2025-0292",
  "lastModified": "2025-07-15T12:55:41.197",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 2.7,
        "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-07-08T16:15:50.543",
  "references": [
    {
      "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/July-Security-Advisory-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Multiple-CVEs"
    }
  ],
  "sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-918"
        }
      ],
      "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-11-13 02:15

Modified

2025-07-16 00:32

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

Incorrect file permissions in Ivanti Connect Secure before version 22.6R2 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1 (Not Applicable to 9.1Rx) allow a local authenticated attacker to escalate their privileges.

References

▶	URL	Tags
	support@hackerone.com	https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	*
ivanti	connect_secure	*
ivanti	connect_secure	9.1
ivanti	connect_secure	22.6
ivanti	connect_secure	22.6
ivanti	policy_secure	*
ivanti	policy_secure	*
ivanti	policy_secure	9.1
ivanti	policy_secure	22.7

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3281AC31-EAEC-4C8D-A0AA-3CDD1092D3EE",
              "versionEndExcluding": "9.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FC3DCD5-1293-42A0-AA2E-C19F7D3F5B44",
              "versionEndExcluding": "22.6",
              "versionStartIncluding": "21.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4F450898-0B06-4073-9B76-BF22F68BD14F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.6:-:*:*:*:*:*:*",
              "matchCriteriaId": "6C383863-1E90-4B72-A500-4326782BC92F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.6:r1:*:*:*:*:*:*",
              "matchCriteriaId": "AB9A5868-34FB-446E-817F-6701CC5DE923",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:*:-:*:*:*:*:*:*",
              "matchCriteriaId": "9D14A0CE-C640-4315-BD32-B41C88DF7308",
              "versionEndExcluding": "9.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "24416793-D1B2-4AFC-AAB4-A5FCD4CD5526",
              "versionEndExcluding": "22.7",
              "versionStartIncluding": "22.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "6418A649-3A63-40CC-BD7C-309B3B0B2595",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "1F22B988-2585-4853-9838-AB3746C8B888",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Incorrect file permissions in Ivanti Connect Secure before version 22.6R2 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1 (Not Applicable to 9.1Rx) allow a local authenticated attacker to escalate their privileges."
    },
    {
      "lang": "es",
      "value": "Los permisos de archivo incorrectos en Ivanti Connect Secure anterior a la versi\u00f3n 22.6R2 y en Ivanti Policy Secure anterior a la versi\u00f3n 22.6R1 permiten que un atacante autenticado local aumente sus privilegios."
    }
  ],
  "id": "CVE-2024-39709",
  "lastModified": "2025-07-16T00:32:01.760",
  "metrics": {
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "support@hackerone.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-11-13T02:15:18.993",
  "references": [
    {
      "source": "support@hackerone.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
    }
  ],
  "sourceIdentifier": "support@hackerone.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-732"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2025-02-11 16:15

Modified

2025-07-14 13:11

Severity ?

9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

Code injection in Ivanti Connect Secure before version 22.7R2.4 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticated attacker with admin privileges to achieve remote code execution.

References

▶	URL	Tags
	3c1d8aa1-5a33-4ea4-8992-aadd6440af75	https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	*
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	policy_secure	*
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "201EB882-0B2A-47DB-B517-1E72A0542B27",
              "versionEndExcluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "F788F6D9-5368-4B8E-BFA0-E8FB3CDADB01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "2927A40D-E8A3-4DB6-9C93-04A6C6035C3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "1399BBB4-E62B-4FF6-B9E3-6AAC68D4D583",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "1EAD1423-4477-4C35-BF93-697A2C0697C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.3:*:*:*:*:*:*",
              "matchCriteriaId": "858353BC-12CB-4014-BFCA-DA7B1B3DD4B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.4:*:*:*:*:*:*",
              "matchCriteriaId": "865F72BF-57B2-4B0C-BACE-3500E0AE6751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.5:*:*:*:*:*:*",
              "matchCriteriaId": "39E11407-E0C0-454F-B731-7DA4CBC696EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:*",
              "matchCriteriaId": "247E71F8-A03B-4097-B7BF-09F8BF3ED4D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "E0059C69-4A18-4153-9D9A-5C1B03AD1453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.2:*:*:*:*:*:*",
              "matchCriteriaId": "FC523C88-115E-4CD9-A8CB-AE6E6610F7D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.3:*:*:*:*:*:*",
              "matchCriteriaId": "3447428E-DBCD-4553-B51D-AC08ECAFD881",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:*:-:*:*:*:*:*:*",
              "matchCriteriaId": "48EFA63B-1322-45B0-B86D-87F24A2B4E8A",
              "versionEndExcluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "1F22B988-2585-4853-9838-AB3746C8B888",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "FD9BE8C2-43EB-4870-A4B7-267CB17A19F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "C8915BB2-C1C0-4189-A847-DDB2EF161D62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "8D24A8DB-D697-4C60-935D-B08EE36861CB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Code injection in Ivanti Connect Secure before version 22.7R2.4 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticated attacker with admin privileges to achieve remote code execution."
    },
    {
      "lang": "es",
      "value": "La inyecci\u00f3n de c\u00f3digo en Ivanti Connect Secure anterior a la versi\u00f3n 22.7R2.4 y en Ivanti Policy Secure anterior a la versi\u00f3n 22.7R1.3 permite que un atacante remoto autenticado con privilegios de administrador logre la ejecuci\u00f3n remota de c\u00f3digo."
    }
  ],
  "id": "CVE-2024-10644",
  "lastModified": "2025-07-14T13:11:26.383",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.1,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 6.0,
        "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-02-11T16:15:38.360",
  "references": [
    {
      "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
    }
  ],
  "sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-04-04 20:15

Modified

2024-11-21 08:55

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A null pointer dereference vulnerability in IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack

References

▶	URL	Tags
	support@hackerone.com	https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	22.1
ivanti	connect_secure	22.2
ivanti	connect_secure	22.3
ivanti	connect_secure	22.4
ivanti	connect_secure	22.5
ivanti	connect_secure	22.6
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	22.1
ivanti	policy_secure	22.2
ivanti	policy_secure	22.3
ivanti	policy_secure	22.4
ivanti	policy_secure	22.5
ivanti	policy_secure	22.6

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "4B21C181-DC49-4EBD-9932-DBB337151FF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r10:*:*:*:*:*:*",
              "matchCriteriaId": "5A3A93FE-41BF-43F2-9EFC-89656182329F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11:*:*:*:*:*:*",
              "matchCriteriaId": "8D5F47BA-DE6D-443D-95C3-A45F80EDC71E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.5:*:*:*:*:*:*",
              "matchCriteriaId": "2DDDA231-2A5E-4C70-8620-535C7F9027A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r12:*:*:*:*:*:*",
              "matchCriteriaId": "32E0B425-A9BA-4D00-84A9-46268072D696",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r13:*:*:*:*:*:*",
              "matchCriteriaId": "65435A96-EF7A-439A-AA6C-CB7EAEF0A963",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r14:*:*:lts:*:*:*",
              "matchCriteriaId": "4F06BC30-D62D-4A8F-8279-69C1A4A77357",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r15:*:*:*:*:*:*",
              "matchCriteriaId": "CE228FBD-5AD1-4BC6-AF63-5248E671B04F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r16:*:*:*:*:*:*",
              "matchCriteriaId": "44C26423-8621-4F6D-A45B-0A6B6E873AB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r17:*:*:*:*:*:*",
              "matchCriteriaId": "DB6CEA16-F422-48F1-9473-3931B1BFA63F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r18:*:*:*:*:*:*",
              "matchCriteriaId": "28FDE909-711C-41EC-8BA6-AC4DE05EA27E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "4FEFC4B1-7350-46F9-80C1-42F5AE06142F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "DB7A6D62-6576-4713-9BF4-11068A72E8B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "843BC1B9-50CC-4F8F-A454-A0CEC6E92290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "D5355372-03EA-46D7-9104-A2785C29B664",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.2:*:*:*:*:*:*",
              "matchCriteriaId": "3DE32A0C-8944-4F51-A286-266055CA4B2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:*",
              "matchCriteriaId": "0349A0CC-A372-4E51-899E-D7BA67876F4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "93D1A098-BD77-4A7B-9070-A764FB435981",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "3CCC2D7B-F835-45EC-A316-2F0C5F2CF565",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AD812596-C77C-4129-982F-C22A25B52126",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8:*:*:*:*:*:*",
              "matchCriteriaId": "9FA0B20D-3FA1-42AE-BDC5-93D8A182927C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r9:*:*:*:*:*:*",
              "matchCriteriaId": "16DAA769-8F0D-4C54-A8D9-9902995605B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FCEFEAE-2A69-4B54-B59F-207E182587B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "03E34306-6D29-44FF-914C-F56A0BDB9BE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "72229EFD-B5F2-4EFA-9B62-8CB30767E9A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1FDDA64-2FFB-424B-84C3-5D12B023BEE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF23F7CD-2A2F-4074-9711-7AF001D27693",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DCED84C-D9C4-4863-8323-721C3009046E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "AFE8DB4A-9891-4647-82E2-EB5D377CAD25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r1:*:*:*:*:*:*",
              "matchCriteriaId": "26B25B34-7BD0-471B-A396-45CE5420E963",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r2:*:*:*:*:*:*",
              "matchCriteriaId": "AA514C05-2834-4C7B-B022-02B41C9AAD6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "0929C645-DACB-4341-9032-7C79FFC8BCF0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r3:*:*:*:*:*:*",
              "matchCriteriaId": "0D36CB5A-8389-4F2F-882A-4E8F30028799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r3.1:*:*:*:*:*:*",
              "matchCriteriaId": "517DA74B-9D69-45E1-A707-A08A305A507C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r4:*:*:*:*:*:*",
              "matchCriteriaId": "F72C00C7-017C-4C25-99B0-D7D42D969E92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "6418A649-3A63-40CC-BD7C-309B3B0B2595",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "A07B66E0-A679-4912-8CB1-CD134713EDC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r10:*:*:*:*:*:*",
              "matchCriteriaId": "BF767F07-2E9F-4099-829D-2F70E85D8A35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r11:*:*:*:*:*:*",
              "matchCriteriaId": "B994E22B-8FA5-4510-82F6-7820BDA7C307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r12:*:*:*:*:*:*",
              "matchCriteriaId": "FE5C4ABC-2BEB-4741-95B3-303903369818",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r13:*:*:*:*:*:*",
              "matchCriteriaId": "D50C5526-F791-4C76-B5C0-DA2E1281C9E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r14:*:*:*:*:*:*",
              "matchCriteriaId": "7A53C031-E7A5-47B6-BA4A-DD28432E743F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r15:*:*:*:*:*:*",
              "matchCriteriaId": "4BEE355B-1C2D-4BEB-8922-EAEAA5A1FAE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r16:*:*:*:*:*:*",
              "matchCriteriaId": "B90687F3-A5C1-4706-AD66-D78EE512E4C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r17:*:*:*:*:*:*",
              "matchCriteriaId": "D10A3F2D-6A62-4A48-93FB-274527C821D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r18:*:*:*:*:*:*",
              "matchCriteriaId": "811C7E7E-89AB-47DF-BACD-ED478DF756BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "6D37A6E4-D58E-444D-AF6A-15461F38E81A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "FC2B9DA0-E32B-4125-9986-F0D3814C66E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "C9A5BA3E-D6B3-453D-8DDF-FF16859FD0F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "6BE937D2-8BEE-4E64-8738-F550EAD00F50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "9C753520-1BC6-4980-AFC9-4C2FDDF2FD18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AC3863BC-3B9A-402B-A74A-149CDF717EC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r8:*:*:*:*:*:*",
              "matchCriteriaId": "E3C09D51-FDA0-4D07-87D8-F527C8CBDAFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r9:*:*:*:*:*:*",
              "matchCriteriaId": "092DA2A3-5CEF-433F-8E5B-4850E4095CC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "943AE706-D105-4F10-9CEE-DFED2B398BE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "97BA5833-4D1C-49FE-AED1-C05739C70D9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF784115-7006-49AE-96B9-E983936733B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F070F30-4AFE-4A02-843D-702F08F29630",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BC6B43E-6BBF-421A-9F9C-41FEBA72712B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "EED7C69C-6F3E-442E-BEBE-57E14AA2165F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A null pointer dereference vulnerability in IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack "
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de desreferencia de puntero nulo en el componente IPSec de Ivanti Connect Secure (9.x, 22.x) e Ivanti Policy Secure permite que un usuario malintencionado no autenticado env\u00ede solicitudes especialmente manipuladas para bloquear el servicio, provocando as\u00ed un ataque DoS."
    }
  ],
  "id": "CVE-2024-22052",
  "lastModified": "2024-11-21T08:55:28.100",
  "metrics": {
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "support@hackerone.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-04-04T20:15:08.333",
  "references": [
    {
      "source": "support@hackerone.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US"
    }
  ],
  "sourceIdentifier": "support@hackerone.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-476"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-703"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2025-02-11 16:15

Modified

2025-07-16 16:00

Severity ?

6.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Summary

External control of a file name in Ivanti Connect Secure before version 22.7R2.6 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticated attacker with admin privileges to read arbitrary files.

References

▶	URL	Tags
	3c1d8aa1-5a33-4ea4-8992-aadd6440af75	https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	*
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	policy_secure	*
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:*:-:*:*:*:*:*:*",
              "matchCriteriaId": "A0EC2FCD-5402-4269-B86A-18F8DFB8F2C9",
              "versionEndExcluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "F788F6D9-5368-4B8E-BFA0-E8FB3CDADB01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "2927A40D-E8A3-4DB6-9C93-04A6C6035C3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "1399BBB4-E62B-4FF6-B9E3-6AAC68D4D583",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "1EAD1423-4477-4C35-BF93-697A2C0697C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.3:*:*:*:*:*:*",
              "matchCriteriaId": "858353BC-12CB-4014-BFCA-DA7B1B3DD4B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.4:*:*:*:*:*:*",
              "matchCriteriaId": "865F72BF-57B2-4B0C-BACE-3500E0AE6751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.5:*:*:*:*:*:*",
              "matchCriteriaId": "39E11407-E0C0-454F-B731-7DA4CBC696EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:*",
              "matchCriteriaId": "247E71F8-A03B-4097-B7BF-09F8BF3ED4D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "E0059C69-4A18-4153-9D9A-5C1B03AD1453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.2:*:*:*:*:*:*",
              "matchCriteriaId": "FC523C88-115E-4CD9-A8CB-AE6E6610F7D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.3:*:*:*:*:*:*",
              "matchCriteriaId": "3447428E-DBCD-4553-B51D-AC08ECAFD881",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.4:*:*:*:*:*:*",
              "matchCriteriaId": "A08BAF98-7F05-4596-8BFC-91F1A79D3BD1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.5:*:*:*:*:*:*",
              "matchCriteriaId": "40717D97-A062-49C4-B105-C22AAC3A206A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAD0FC91-CA1E-4DC3-A37E-1BF98906D07C",
              "versionEndExcluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "1F22B988-2585-4853-9838-AB3746C8B888",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "FD9BE8C2-43EB-4870-A4B7-267CB17A19F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "C8915BB2-C1C0-4189-A847-DDB2EF161D62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "8D24A8DB-D697-4C60-935D-B08EE36861CB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "External control of a file name in Ivanti Connect Secure before version 22.7R2.6 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticated attacker with admin privileges to read arbitrary files."
    },
    {
      "lang": "es",
      "value": "El control externo de un nombre de archivo en Ivanti Connect Secure anterior a la versi\u00f3n 22.7R2.6 e Ivanti Policy Secure anterior a la versi\u00f3n 22.7R1.3 permite que un atacante remoto autenticado con privilegios de administrador lea archivos arbitrarios."
    }
  ],
  "id": "CVE-2024-12058",
  "lastModified": "2025-07-16T16:00:23.297",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 4.0,
        "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-02-11T16:15:38.663",
  "references": [
    {
      "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
    }
  ],
  "sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-73"
        }
      ],
      "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-07-30 13:15

Modified

2025-07-30 18:59

Severity ?

7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

A code injection vulnerability exists in Pulse Connect Secure <9.1R8 that allows an attacker to crafted a URI to perform an arbitrary code execution via the admin web interface.

References

URL	Tags
support@hackerone.com	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516	Vendor Advisory
support@hackerone.com	https://www.gosecure.net/blog/2020/11/13/forget-your-perimeter-part-2-four-vulnerabilities-in-pulse-connect-secure/	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.gosecure.net/blog/2020/11/13/forget-your-perimeter-part-2-four-vulnerabilities-in-pulse-connect-secure/	Exploit, Third Party Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	*
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
pulsesecure	pulse_policy_secure	*

To clipboard

{
  "cisaActionDue": "2022-09-07",
  "cisaExploitAdd": "2022-03-07",
  "cisaRequiredAction": "Apply updates per vendor instructions.",
  "cisaVulnerabilityName": "Pulse Connect Secure Code Injection Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "87FBC6AD-0A70-4626-A152-E49BECF9F7AF",
              "versionEndIncluding": "9.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4F450898-0B06-4073-9B76-BF22F68BD14F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "4B21C181-DC49-4EBD-9932-DBB337151FF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "4FEFC4B1-7350-46F9-80C1-42F5AE06142F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "DB7A6D62-6576-4713-9BF4-11068A72E8B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "843BC1B9-50CC-4F8F-A454-A0CEC6E92290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "D5355372-03EA-46D7-9104-A2785C29B664",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.2:*:*:*:*:*:*",
              "matchCriteriaId": "3DE32A0C-8944-4F51-A286-266055CA4B2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:*",
              "matchCriteriaId": "0349A0CC-A372-4E51-899E-D7BA67876F4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "93D1A098-BD77-4A7B-9070-A764FB435981",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "3CCC2D7B-F835-45EC-A316-2F0C5F2CF565",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AD812596-C77C-4129-982F-C22A25B52126",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "6418A649-3A63-40CC-BD7C-309B3B0B2595",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "A07B66E0-A679-4912-8CB1-CD134713EDC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "6D37A6E4-D58E-444D-AF6A-15461F38E81A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "FC2B9DA0-E32B-4125-9986-F0D3814C66E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3.1:*:*:*:*:*:*",
              "matchCriteriaId": "38A0D7CF-7D55-4933-AE8C-36006D6779E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "C9A5BA3E-D6B3-453D-8DDF-FF16859FD0F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "BAFDA618-D15D-401D-AC68-0020259FEC57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.2:*:*:*:*:*:*",
              "matchCriteriaId": "D55AB5F0-132F-4C40-BF4F-684E139B774B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "6BE937D2-8BEE-4E64-8738-F550EAD00F50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "9C753520-1BC6-4980-AFC9-4C2FDDF2FD18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AC3863BC-3B9A-402B-A74A-149CDF717EC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B031D2AE-70BE-48BB-A9E9-0A0DAAAFF55F",
              "versionEndIncluding": "9.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A code injection vulnerability exists in Pulse Connect Secure \u003c9.1R8 that allows an attacker to crafted a URI to perform an arbitrary code execution via the admin web interface."
    },
    {
      "lang": "es",
      "value": "Se presenta una vulnerabilidad de inyecci\u00f3n de c\u00f3digo en Pulse Connect Secure versiones anteriores a 9.1R8, que permite a un atacante dise\u00f1ar un URI para llevar a cabo una ejecuci\u00f3n de c\u00f3digo arbitraria por medio de la interfaz web de administraci\u00f3n"
    }
  ],
  "id": "CVE-2020-8218",
  "lastModified": "2025-07-30T18:59:52.417",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2020-07-30T13:15:11.847",
  "references": [
    {
      "source": "support@hackerone.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
    },
    {
      "source": "support@hackerone.com",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.gosecure.net/blog/2020/11/13/forget-your-perimeter-part-2-four-vulnerabilities-in-pulse-connect-secure/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.gosecure.net/blog/2020/11/13/forget-your-perimeter-part-2-four-vulnerabilities-in-pulse-connect-secure/"
    }
  ],
  "sourceIdentifier": "support@hackerone.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "support@hackerone.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-11-12 16:15

Modified

2024-11-22 17:15

Severity ?

9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

Command injection in Ivanti Connect Secure before version 22.7R2.1 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1.1 (Not Applicable to 9.1Rx) allows a remote authenticated attacker with admin privileges to achieve remote code execution.

References

▶	URL	Tags
	3c1d8aa1-5a33-4ea4-8992-aadd6440af75	https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	*
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	policy_secure	*
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "201EB882-0B2A-47DB-B517-1E72A0542B27",
              "versionEndExcluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "F788F6D9-5368-4B8E-BFA0-E8FB3CDADB01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "2927A40D-E8A3-4DB6-9C93-04A6C6035C3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "1399BBB4-E62B-4FF6-B9E3-6AAC68D4D583",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "1EAD1423-4477-4C35-BF93-697A2C0697C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.3:*:*:*:*:*:*",
              "matchCriteriaId": "858353BC-12CB-4014-BFCA-DA7B1B3DD4B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.4:*:*:*:*:*:*",
              "matchCriteriaId": "865F72BF-57B2-4B0C-BACE-3500E0AE6751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.5:*:*:*:*:*:*",
              "matchCriteriaId": "39E11407-E0C0-454F-B731-7DA4CBC696EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:*",
              "matchCriteriaId": "247E71F8-A03B-4097-B7BF-09F8BF3ED4D6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAD0FC91-CA1E-4DC3-A37E-1BF98906D07C",
              "versionEndExcluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "1F22B988-2585-4853-9838-AB3746C8B888",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "FD9BE8C2-43EB-4870-A4B7-267CB17A19F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Command injection in Ivanti Connect Secure before version 22.7R2.1 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1.1 (Not Applicable to 9.1Rx) allows a remote authenticated attacker with admin privileges to achieve remote code execution."
    },
    {
      "lang": "es",
      "value": "La inyecci\u00f3n de comandos en Ivanti Connect Secure anterior a la versi\u00f3n 22.7R2.1 y en Ivanti Policy Secure anterior a la versi\u00f3n 22.7R1.1 permite que un atacante remoto autenticado con privilegios de administrador logre la ejecuci\u00f3n remota de c\u00f3digo."
    }
  ],
  "id": "CVE-2024-11007",
  "lastModified": "2024-11-22T17:15:07.010",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.1,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 6.0,
        "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-11-12T16:15:20.050",
  "references": [
    {
      "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
    }
  ],
  "sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2025-02-11 16:15

Modified

2025-02-20 15:55

Severity ?

6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Summary

Cleartext storage of information in Ivanti Connect Secure before version 22.7R2.6 and Ivanti Policy Secure before version 22.7R1.3 allows a local authenticated attacker with admin privileges to read sensitive data.

References

▶	URL	Tags
	3c1d8aa1-5a33-4ea4-8992-aadd6440af75	https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	*
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	policy_secure	*
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "82432B1B-F50E-4D85-B4B5-6C91923F1BF9",
              "versionEndIncluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "2927A40D-E8A3-4DB6-9C93-04A6C6035C3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "1399BBB4-E62B-4FF6-B9E3-6AAC68D4D583",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "1EAD1423-4477-4C35-BF93-697A2C0697C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.3:*:*:*:*:*:*",
              "matchCriteriaId": "858353BC-12CB-4014-BFCA-DA7B1B3DD4B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.4:*:*:*:*:*:*",
              "matchCriteriaId": "865F72BF-57B2-4B0C-BACE-3500E0AE6751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.5:*:*:*:*:*:*",
              "matchCriteriaId": "39E11407-E0C0-454F-B731-7DA4CBC696EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:*",
              "matchCriteriaId": "247E71F8-A03B-4097-B7BF-09F8BF3ED4D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "E0059C69-4A18-4153-9D9A-5C1B03AD1453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.2:*:*:*:*:*:*",
              "matchCriteriaId": "FC523C88-115E-4CD9-A8CB-AE6E6610F7D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.3:*:*:*:*:*:*",
              "matchCriteriaId": "3447428E-DBCD-4553-B51D-AC08ECAFD881",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.4:*:*:*:*:*:*",
              "matchCriteriaId": "A08BAF98-7F05-4596-8BFC-91F1A79D3BD1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.5:*:*:*:*:*:*",
              "matchCriteriaId": "40717D97-A062-49C4-B105-C22AAC3A206A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA65DC97-7E46-4C59-B8D4-E4EB4EDCD735",
              "versionEndIncluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "FD9BE8C2-43EB-4870-A4B7-267CB17A19F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "C8915BB2-C1C0-4189-A847-DDB2EF161D62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "8D24A8DB-D697-4C60-935D-B08EE36861CB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cleartext storage of information in Ivanti Connect Secure before version 22.7R2.6 and Ivanti Policy Secure before version 22.7R1.3 allows a local authenticated attacker with admin privileges to read sensitive data."
    },
    {
      "lang": "es",
      "value": "El almacenamiento de informaci\u00f3n en texto plano en Ivanti Connect Secure anterior a la versi\u00f3n 22.7R2.6 e Ivanti Policy Secure anterior a la versi\u00f3n 22.7R1.3 permite que un atacante local autenticado con privilegios de administrador lea datos confidenciales."
    }
  ],
  "id": "CVE-2024-13843",
  "lastModified": "2025-02-20T15:55:03.547",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 6.0,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.5,
        "impactScore": 4.0,
        "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 4.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-02-11T16:15:39.667",
  "references": [
    {
      "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
    }
  ],
  "sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-312"
        }
      ],
      "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2019-06-03 20:29

Modified

2024-11-21 04:21

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

In Pulse Secure Pulse Connect Secure (PCS) before 8.1R15.1, 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4 and Pulse Policy Secure (PPS) before 5.1R15.1, 5.2 before 5.2R12.1, 5.3 before 5.3R15.1, 5.4 before 5.4R7.1, and 9.0 before 9.0R3.2, an authenticated attacker (via the admin web interface) can exploit Incorrect Access Control to execute arbitrary code on the appliance.

References

URL	Tags
cve@mitre.org	https://kb.pulsesecure.net/?atype=sa	Vendor Advisory
cve@mitre.org	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101/	Vendor Advisory
cve@mitre.org	https://www.kb.cert.org/vuls/id/927237	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	https://kb.pulsesecure.net/?atype=sa	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.kb.cert.org/vuls/id/927237	Third Party Advisory, US Government Resource

Impacted products

Vendor	Product	Version
ivanti	connect_secure	8.1
ivanti	connect_secure	8.1
ivanti	connect_secure	8.1
ivanti	connect_secure	8.1
ivanti	connect_secure	8.1
ivanti	connect_secure	8.1
ivanti	connect_secure	8.1
ivanti	connect_secure	8.1
ivanti	connect_secure	8.1
ivanti	connect_secure	8.1
ivanti	connect_secure	8.1
ivanti	connect_secure	8.1
ivanti	connect_secure	8.1
ivanti	connect_secure	8.1
ivanti	connect_secure	8.1
ivanti	connect_secure	8.1
ivanti	connect_secure	8.1
ivanti	connect_secure	8.1
ivanti	connect_secure	8.1
ivanti	connect_secure	8.1
ivanti	connect_secure	8.1
ivanti	connect_secure	8.1
ivanti	connect_secure	8.1
ivanti	connect_secure	8.2
ivanti	connect_secure	8.2
ivanti	connect_secure	8.2
ivanti	connect_secure	8.2
ivanti	connect_secure	8.2
ivanti	connect_secure	8.2
ivanti	connect_secure	8.2
ivanti	connect_secure	8.2
ivanti	connect_secure	8.2
ivanti	connect_secure	8.2
ivanti	connect_secure	8.2
ivanti	connect_secure	8.2
ivanti	connect_secure	8.2
ivanti	connect_secure	8.2
ivanti	connect_secure	8.2
ivanti	connect_secure	8.2
ivanti	connect_secure	8.2
ivanti	connect_secure	8.2
ivanti	connect_secure	8.2
ivanti	connect_secure	8.3
ivanti	connect_secure	8.3
ivanti	connect_secure	8.3
ivanti	connect_secure	8.3
ivanti	connect_secure	8.3
ivanti	connect_secure	8.3
ivanti	connect_secure	8.3
ivanti	connect_secure	8.3
ivanti	connect_secure	8.3
ivanti	connect_secure	8.3
ivanti	connect_secure	8.3
ivanti	connect_secure	9.0
ivanti	connect_secure	9.0
ivanti	connect_secure	9.0
ivanti	connect_secure	9.0
ivanti	connect_secure	9.0
ivanti	connect_secure	9.0
ivanti	connect_secure	9.0
ivanti	connect_secure	9.0
ivanti	connect_secure	9.0
ivanti	connect_secure	9.0
ivanti	connect_secure	9.0
ivanti	connect_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
pulsesecure	pulse_policy_secure	5.2
pulsesecure	pulse_policy_secure	5.2
pulsesecure	pulse_policy_secure	5.2
pulsesecure	pulse_policy_secure	5.2
pulsesecure	pulse_policy_secure	5.2
pulsesecure	pulse_policy_secure	5.2
pulsesecure	pulse_policy_secure	5.2
pulsesecure	pulse_policy_secure	5.2
pulsesecure	pulse_policy_secure	5.2
pulsesecure	pulse_policy_secure	5.2
pulsesecure	pulse_policy_secure	5.2
pulsesecure	pulse_policy_secure	5.2
pulsesecure	pulse_policy_secure	5.2
pulsesecure	pulse_policy_secure	5.2
pulsesecure	pulse_policy_secure	5.2
pulsesecure	pulse_policy_secure	5.4
pulsesecure	pulse_policy_secure	5.4
pulsesecure	pulse_policy_secure	5.4
pulsesecure	pulse_policy_secure	5.4
pulsesecure	pulse_policy_secure	5.4
pulsesecure	pulse_policy_secure	5.4
pulsesecure	pulse_policy_secure	5.4
pulsesecure	pulse_policy_secure	5.4
pulsesecure	pulse_policy_secure	5.4
pulsesecure	pulse_policy_secure	5.4
pulsesecure	pulse_policy_secure	5.4

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "202E4839-7CE4-49CE-BEE1-CB33A96770E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:r1.0:*:*:*:*:*:*",
              "matchCriteriaId": "9BF1434F-BC2F-4C63-B3CB-BBC14F95E0EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "5EF31B2A-7DEE-4C69-ADE5-FFBF176D8DCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:r10.0:*:*:*:*:*:*",
              "matchCriteriaId": "AFC39A4D-7738-4818-9866-A34C55216401",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:r11.0:*:*:*:*:*:*",
              "matchCriteriaId": "91B0F725-70CD-4CF4-AF35-4DEB24F7E3E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:r11.1:*:*:*:*:*:*",
              "matchCriteriaId": "E6FA7630-082B-4F48-BE53-981052FB7268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:r12.0:*:*:*:*:*:*",
              "matchCriteriaId": "46F9CEBB-08AD-42DD-8CEE-6F1C555D1608",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:r12.1:*:*:*:*:*:*",
              "matchCriteriaId": "BF7844C4-7A48-49D1-A924-2C546E9C6BB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:r13.0:*:*:*:*:*:*",
              "matchCriteriaId": "91884BC5-280F-4E39-88E0-E7C4F6519D71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:r14.0:*:*:*:*:*:*",
              "matchCriteriaId": "3E3F03F7-A3CE-4E98-95A7-43906FFE7959",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:r2.0:*:*:*:*:*:*",
              "matchCriteriaId": "D56B8268-81D1-4CC0-A115-0CDFE8ACD59D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "B10E91CD-0FCC-4DEF-8043-38819C597934",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:r3.1:*:*:*:*:*:*",
              "matchCriteriaId": "9D3965E4-51E0-4F15-B03B-7342EA6BCA63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:r3.2:*:*:*:*:*:*",
              "matchCriteriaId": "2636BBD1-D46F-4EA2-A460-A343443F838A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:r4.0:*:*:*:*:*:*",
              "matchCriteriaId": "ECFA01A7-6AB6-4E6B-82E3-30CE8C776960",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "069B315B-FF97-4F3C-A1AB-831E6CD5F94C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:r5.0:*:*:*:*:*:*",
              "matchCriteriaId": "84418011-9D3F-4C72-B911-A6E4CEA171F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:r6.0:*:*:*:*:*:*",
              "matchCriteriaId": "A7D488D9-6AC7-4DE4-9D65-A8E2D287DCB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:r7.0:*:*:*:*:*:*",
              "matchCriteriaId": "B3A09079-5587-4FB1-9EC2-F6E44D523CB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:r8.0:*:*:*:*:*:*",
              "matchCriteriaId": "8FB98CD3-E968-4336-81BD-0132DBD7462C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:r9.0:*:*:*:*:*:*",
              "matchCriteriaId": "C5465537-625D-4A9D-8787-FF4744681BA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:r9.1:*:*:*:*:*:*",
              "matchCriteriaId": "96A2E24D-5EE5-46CF-AAA0-8474C4F641F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:r9.2:*:*:*:*:*:*",
              "matchCriteriaId": "1243FDDA-6D64-408E-8911-FA1D37A915ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.2:r1.0:*:*:*:*:*:*",
              "matchCriteriaId": "48B04626-10A7-4A12-AF3D-61C8D980AA21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.2:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "183E1DD7-EE4B-47C4-99E2-CD06ED2E0D4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.2:r10.0:*:*:*:*:*:*",
              "matchCriteriaId": "00F4DF7B-ED7F-46FC-8B12-5527FB5A4305",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.2:r11.0:*:*:*:*:*:*",
              "matchCriteriaId": "4A5AF6A0-6613-4B15-A1A3-AEAC0EF7E374",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.2:r12.0:*:*:*:*:*:*",
              "matchCriteriaId": "970C2BEE-5798-4A5F-8D4E-7970BFCF0CD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.2:r2.0:*:*:*:*:*:*",
              "matchCriteriaId": "1D187DDB-96C8-4435-992E-CFEEE24BC7C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.2:r3.0:*:*:*:*:*:*",
              "matchCriteriaId": "1CA6CBE1-CF6C-4D8C-BAB3-0B78E56E85DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.2:r3.1:*:*:*:*:*:*",
              "matchCriteriaId": "761102E8-04DB-465A-A592-98C5F5E0ADFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.2:r4.0:*:*:*:*:*:*",
              "matchCriteriaId": "3F7455AD-E662-4817-A343-9ACCE763B78E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.2:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "A1F61A93-6E90-4063-BFCA-166DA0DDCE38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.2:r5.0:*:*:*:*:*:*",
              "matchCriteriaId": "B5BF94C4-0456-4CB1-9CC5-02A316C84E09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.2:r5.1:*:*:*:*:*:*",
              "matchCriteriaId": "35F94103-0DB3-4D3A-8247-59E1F86743B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.2:r6.0:*:*:*:*:*:*",
              "matchCriteriaId": "784ADC67-57BF-4FFA-AC13-5F2F1208F39D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.2:r7.0:*:*:*:*:*:*",
              "matchCriteriaId": "E6D81535-5163-4DAD-8AAA-61F107E11EB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.2:r7.1:*:*:*:*:*:*",
              "matchCriteriaId": "DCF535C6-97A2-4222-9BF4-A7D16E5598FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.2:r8.0:*:*:*:*:*:*",
              "matchCriteriaId": "2B3806F4-53E6-47B2-9D16-69B566DAAD97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.2:r8.1:*:*:*:*:*:*",
              "matchCriteriaId": "A37BEF28-D0D5-46BD-A460-32734D0D63B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.2:r8.2:*:*:*:*:*:*",
              "matchCriteriaId": "363C9E09-EC06-4A34-8C25-97DCCAA992E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.2:r9.0:*:*:*:*:*:*",
              "matchCriteriaId": "3AB170D9-42AF-417B-8EF8-2895F54D0AEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.3:r1:*:*:*:*:*:*",
              "matchCriteriaId": "2871AAD9-FC12-4E2D-B722-0F721D7FE101",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.3:r2:*:*:*:*:*:*",
              "matchCriteriaId": "2A319BAB-F483-4926-9700-760D8025F747",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.3:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "AA6BD7FD-29A3-468C-8A85-63202EB1B625",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.3:r3:*:*:*:*:*:*",
              "matchCriteriaId": "00AA23DF-CA30-41FC-9563-C95BA7D31129",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.3:r4:*:*:*:*:*:*",
              "matchCriteriaId": "D85A6292-EE41-487C-A1DC-0E8E443A8075",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.3:r5:*:*:*:*:*:*",
              "matchCriteriaId": "2D829F28-4FFF-40C9-AF62-455BA5BB4E58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.3:r5.1:*:*:*:*:*:*",
              "matchCriteriaId": "8DC693D8-D12B-4A0B-808A-A0808BAA33DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.3:r5.2:*:*:*:*:*:*",
              "matchCriteriaId": "3837BB6E-5236-4B2D-9693-4DE85C7845C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.3:r6:*:*:*:*:*:*",
              "matchCriteriaId": "72430B2F-A311-4DF7-ABBB-1EE0BAF507FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.3:r6.1:*:*:*:*:*:*",
              "matchCriteriaId": "B7FCDCCF-8509-431A-B450-B18C110AAE19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.3:r7:*:*:*:*:*:*",
              "matchCriteriaId": "718B6320-E7BE-4715-A446-541D1AADA027",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r1:*:*:*:*:*:*",
              "matchCriteriaId": "D47D09A8-4AC4-4CD9-B648-5F26453E2E1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r2:*:*:*:*:*:*",
              "matchCriteriaId": "59331DC5-FF5F-4BB3-905E-5A4A621F86ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "6A708C3F-9050-4475-95B3-4785D3E2CB69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r3:*:*:*:*:*:*",
              "matchCriteriaId": "52851AAA-88FB-40BC-B41A-B821F6BA9F79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r3.1:*:*:*:*:*:*",
              "matchCriteriaId": "F05DC11E-7C41-450B-A2BF-603E9252BB40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r3.2:*:*:*:*:*:*",
              "matchCriteriaId": "5DA976D9-A330-475E-B8C0-09EF3E08F18D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEAA1F3F-FC78-43C1-814A-19E94AC4A844",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r1:*:*:*:*:*:*",
              "matchCriteriaId": "D47D09A8-4AC4-4CD9-B648-5F26453E2E1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r2:*:*:*:*:*:*",
              "matchCriteriaId": "59331DC5-FF5F-4BB3-905E-5A4A621F86ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "6A708C3F-9050-4475-95B3-4785D3E2CB69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r3:*:*:*:*:*:*",
              "matchCriteriaId": "52851AAA-88FB-40BC-B41A-B821F6BA9F79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r3.1:*:*:*:*:*:*",
              "matchCriteriaId": "F05DC11E-7C41-450B-A2BF-603E9252BB40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD00E2EC-B772-4FE8-8CC5-829BE45BE878",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r1:*:*:*:*:*:*",
              "matchCriteriaId": "26B25B34-7BD0-471B-A396-45CE5420E963",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r2:*:*:*:*:*:*",
              "matchCriteriaId": "AA514C05-2834-4C7B-B022-02B41C9AAD6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "0929C645-DACB-4341-9032-7C79FFC8BCF0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r3:*:*:*:*:*:*",
              "matchCriteriaId": "0D36CB5A-8389-4F2F-882A-4E8F30028799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r3.1:*:*:*:*:*:*",
              "matchCriteriaId": "517DA74B-9D69-45E1-A707-A08A305A507C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "02986965-0782-4BCA-8CD6-0239F41D857D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2:r1.0:*:*:*:*:*:*",
              "matchCriteriaId": "E7F9AA1E-7BF4-4E58-97BE-136924689E52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2:r10.0:*:*:*:*:*:*",
              "matchCriteriaId": "2D06CEEE-2DCF-433D-B894-568EEF6E1C4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2:r11.0:*:*:*:*:*:*",
              "matchCriteriaId": "69C15133-1A8F-4C6A-99ED-2BB47CD878A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2:r2.0:*:*:*:*:*:*",
              "matchCriteriaId": "7711F334-1743-433E-A30D-630EAA72061C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2:r3.0:*:*:*:*:*:*",
              "matchCriteriaId": "ACBBAE14-3BBD-4425-AB53-D0A2998B341A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2:r3.2:*:*:*:*:*:*",
              "matchCriteriaId": "85DAD6CD-15E7-4401-9DF8-135B6D8C629E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2:r4.0:*:*:*:*:*:*",
              "matchCriteriaId": "67322873-15B9-49E9-9828-3B46A83BAA03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2:r5.0:*:*:*:*:*:*",
              "matchCriteriaId": "33E8CF2C-C51E-4470-9CA4-A8FE6EAC9AF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2:r6.0:*:*:*:*:*:*",
              "matchCriteriaId": "EE9EBE2F-8B10-479A-BDC4-E8777836B72F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2:r7.0:*:*:*:*:*:*",
              "matchCriteriaId": "E05CD6D2-B0CB-48D4-874C-A0D2A9FC9E89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2:r7.1:*:*:*:*:*:*",
              "matchCriteriaId": "BD61ABE7-E1B8-4370-9DDC-FCDED9839C82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2:r8.0:*:*:*:*:*:*",
              "matchCriteriaId": "BD067BC2-5FCE-4CB5-9D2A-F1F2CFAC9368",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2:r9.0:*:*:*:*:*:*",
              "matchCriteriaId": "76DE6AB9-13E7-4A73-95E6-213C3FD67C84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2:r9.1:*:*:*:*:*:*",
              "matchCriteriaId": "0595DA20-8C20-47E3-B91A-A437B6585008",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0C692A5-5AEA-434E-A5F6-8AC56719D0EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.4:r1:*:*:*:*:*:*",
              "matchCriteriaId": "D7D1B75B-CFB5-48ED-847A-D60E14A72C71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.4:r2:*:*:*:*:*:*",
              "matchCriteriaId": "5B1543C9-3A4B-4DDC-ADD4-20EA6F44AA19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.4:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "ECA76217-878B-426D-8C9C-2FEA1A81EC66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.4:r3:*:*:*:*:*:*",
              "matchCriteriaId": "623D0428-4DE6-4A2C-931D-4AEEFC5E9970",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.4:r4:*:*:*:*:*:*",
              "matchCriteriaId": "7FC3625D-07A0-4E2F-BD8A-D831ECFA51CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.4:r5:*:*:*:*:*:*",
              "matchCriteriaId": "D0ED8C46-CEFB-45AA-9F3D-6C177A2B79CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.4:r5.2:*:*:*:*:*:*",
              "matchCriteriaId": "7140B495-92BD-498D-B164-C75526DF7BE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.4:r6:*:*:*:*:*:*",
              "matchCriteriaId": "195EF6A3-303F-47B8-BBB5-1EF2F532C37C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.4:r6.1:*:*:*:*:*:*",
              "matchCriteriaId": "E3C9A6FB-E954-411A-B561-5DA8F1514E0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.4:r7:*:*:*:*:*:*",
              "matchCriteriaId": "B174CECC-9B31-4DC3-B3F7-04E76ACADE30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In Pulse Secure Pulse Connect Secure (PCS) before 8.1R15.1, 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4 and Pulse Policy Secure (PPS) before 5.1R15.1, 5.2 before 5.2R12.1, 5.3 before 5.3R15.1, 5.4 before 5.4R7.1, and 9.0 before 9.0R3.2, an authenticated attacker (via the admin web interface) can exploit Incorrect Access Control to execute arbitrary code on the appliance."
    },
    {
      "lang": "es",
      "value": "En Pulse Secure Pulse Secure Connect (PCS) anterior de la versi\u00f3n 8.1R15.1, 8.2 anterior de la versi\u00f3n 8.2R12.1, 8.3 anterior de la versi\u00f3n 8.3R7.1 y 9.0 anterior  de  9.0R3.4 y Pulse Policy Secure (PPS) anterior de la versi\u00f3n 5.1R15.1, 5.2 anterior  de la versi\u00f3n 5.2R12.1, 5.3 anterior de la versi\u00f3n  5.3R15.1, 5.4 anterior de  la versi\u00f3n 5.4R7.1 y 9.0 ante de la versi\u00f3n 9.0R3.2, un atacante identificado (a trav\u00e9s de la interfaz web de administraci\u00f3n) puede operar el control de acceso incorrecto para ejecutar c\u00f3digo arbitrario en el dispositivo ."
    }
  ],
  "id": "CVE-2019-11509",
  "lastModified": "2024-11-21T04:21:14.110",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-06-03T20:29:00.517",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.pulsesecure.net/?atype=sa"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.kb.cert.org/vuls/id/927237"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.pulsesecure.net/?atype=sa"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.kb.cert.org/vuls/id/927237"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-11-13 02:15

Modified

2025-06-27 18:43

Severity ?

7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.9 and Ivanti Policy Secure before version 22.7R1.1 and 9.1R18.9 allows a remote authenticated attacker with admin privileges to achieve remote code execution.

References

▶	URL	Tags
	support@hackerone.com	https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	*
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	policy_secure	*
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "201EB882-0B2A-47DB-B517-1E72A0542B27",
              "versionEndExcluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "F788F6D9-5368-4B8E-BFA0-E8FB3CDADB01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "2927A40D-E8A3-4DB6-9C93-04A6C6035C3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "1399BBB4-E62B-4FF6-B9E3-6AAC68D4D583",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "1EAD1423-4477-4C35-BF93-697A2C0697C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.3:*:*:*:*:*:*",
              "matchCriteriaId": "858353BC-12CB-4014-BFCA-DA7B1B3DD4B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.4:*:*:*:*:*:*",
              "matchCriteriaId": "865F72BF-57B2-4B0C-BACE-3500E0AE6751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.5:*:*:*:*:*:*",
              "matchCriteriaId": "39E11407-E0C0-454F-B731-7DA4CBC696EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:*",
              "matchCriteriaId": "247E71F8-A03B-4097-B7BF-09F8BF3ED4D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "E0059C69-4A18-4153-9D9A-5C1B03AD1453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.2:*:*:*:*:*:*",
              "matchCriteriaId": "FC523C88-115E-4CD9-A8CB-AE6E6610F7D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAD0FC91-CA1E-4DC3-A37E-1BF98906D07C",
              "versionEndExcluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "1F22B988-2585-4853-9838-AB3746C8B888",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "FD9BE8C2-43EB-4870-A4B7-267CB17A19F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "C8915BB2-C1C0-4189-A847-DDB2EF161D62",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.9 and Ivanti Policy Secure before version 22.7R1.1 and 9.1R18.9 allows a remote authenticated attacker with admin privileges to achieve remote code execution."
    },
    {
      "lang": "es",
      "value": "La inyecci\u00f3n de argumentos en Ivanti Connect Secure anterior a la versi\u00f3n 22.7R2.1 y en Ivanti Policy Secure anterior a la versi\u00f3n 22.7R1.1 permite que un atacante remoto autenticado con privilegios de administrador logre la ejecuci\u00f3n remota de c\u00f3digo."
    }
  ],
  "id": "CVE-2024-38655",
  "lastModified": "2025-06-27T18:43:22.000",
  "metrics": {
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.1,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 6.0,
        "source": "support@hackerone.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-11-13T02:15:18.650",
  "references": [
    {
      "source": "support@hackerone.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
    }
  ],
  "sourceIdentifier": "support@hackerone.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-88"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-11-12 16:15

Modified

2025-01-17 20:04

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A null pointer dereference in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure before version 22.7R1.1 allows a remote unauthenticated attacker to cause a denial of service.

References

▶	URL	Tags
	3c1d8aa1-5a33-4ea4-8992-aadd6440af75	https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	*
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	policy_secure	*
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "201EB882-0B2A-47DB-B517-1E72A0542B27",
              "versionEndExcluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "F788F6D9-5368-4B8E-BFA0-E8FB3CDADB01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "2927A40D-E8A3-4DB6-9C93-04A6C6035C3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "1399BBB4-E62B-4FF6-B9E3-6AAC68D4D583",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "1EAD1423-4477-4C35-BF93-697A2C0697C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.3:*:*:*:*:*:*",
              "matchCriteriaId": "858353BC-12CB-4014-BFCA-DA7B1B3DD4B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.4:*:*:*:*:*:*",
              "matchCriteriaId": "865F72BF-57B2-4B0C-BACE-3500E0AE6751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.5:*:*:*:*:*:*",
              "matchCriteriaId": "39E11407-E0C0-454F-B731-7DA4CBC696EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:*",
              "matchCriteriaId": "247E71F8-A03B-4097-B7BF-09F8BF3ED4D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAD0FC91-CA1E-4DC3-A37E-1BF98906D07C",
              "versionEndExcluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "1F22B988-2585-4853-9838-AB3746C8B888",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "FD9BE8C2-43EB-4870-A4B7-267CB17A19F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A null pointer dereference in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure before version 22.7R1.1 allows a remote unauthenticated attacker to cause a denial of service."
    },
    {
      "lang": "es",
      "value": "Una desreferencia de puntero nulo en Ivanti Connect Secure anterior a la versi\u00f3n 22.7R2.1 y en Ivanti Policy Secure anterior a la versi\u00f3n 22.7R1.1 permite que un atacante remoto no autenticado provoque una denegaci\u00f3n de servicio."
    }
  ],
  "id": "CVE-2024-8495",
  "lastModified": "2025-01-17T20:04:56.517",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-11-12T16:15:26.560",
  "references": [
    {
      "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
    }
  ],
  "sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-476"
        }
      ],
      "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-476"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-04-04 23:15

Modified

2024-11-21 08:55

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

A heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack. In certain conditions this may lead to execution of arbitrary code

References

▶	URL	Tags
	support@hackerone.com	https://forums.ivanti.com/s/article/SA-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://forums.ivanti.com/s/article/SA-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	22.1
ivanti	connect_secure	22.2
ivanti	connect_secure	22.3
ivanti	connect_secure	22.4
ivanti	connect_secure	22.5
ivanti	connect_secure	22.6
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	22.1
ivanti	policy_secure	22.2
ivanti	policy_secure	22.3
ivanti	policy_secure	22.4
ivanti	policy_secure	22.5
ivanti	policy_secure	22.6

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "4B21C181-DC49-4EBD-9932-DBB337151FF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r10:*:*:*:*:*:*",
              "matchCriteriaId": "5A3A93FE-41BF-43F2-9EFC-89656182329F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11:*:*:*:*:*:*",
              "matchCriteriaId": "8D5F47BA-DE6D-443D-95C3-A45F80EDC71E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.5:*:*:*:*:*:*",
              "matchCriteriaId": "2DDDA231-2A5E-4C70-8620-535C7F9027A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r12:*:*:*:*:*:*",
              "matchCriteriaId": "32E0B425-A9BA-4D00-84A9-46268072D696",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r13:*:*:*:*:*:*",
              "matchCriteriaId": "65435A96-EF7A-439A-AA6C-CB7EAEF0A963",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r14:*:*:lts:*:*:*",
              "matchCriteriaId": "4F06BC30-D62D-4A8F-8279-69C1A4A77357",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r15:*:*:*:*:*:*",
              "matchCriteriaId": "CE228FBD-5AD1-4BC6-AF63-5248E671B04F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r16:*:*:*:*:*:*",
              "matchCriteriaId": "44C26423-8621-4F6D-A45B-0A6B6E873AB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r17:*:*:*:*:*:*",
              "matchCriteriaId": "DB6CEA16-F422-48F1-9473-3931B1BFA63F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r18:*:*:*:*:*:*",
              "matchCriteriaId": "28FDE909-711C-41EC-8BA6-AC4DE05EA27E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "4FEFC4B1-7350-46F9-80C1-42F5AE06142F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "DB7A6D62-6576-4713-9BF4-11068A72E8B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "843BC1B9-50CC-4F8F-A454-A0CEC6E92290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "D5355372-03EA-46D7-9104-A2785C29B664",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.2:*:*:*:*:*:*",
              "matchCriteriaId": "3DE32A0C-8944-4F51-A286-266055CA4B2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:*",
              "matchCriteriaId": "0349A0CC-A372-4E51-899E-D7BA67876F4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "93D1A098-BD77-4A7B-9070-A764FB435981",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "3CCC2D7B-F835-45EC-A316-2F0C5F2CF565",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AD812596-C77C-4129-982F-C22A25B52126",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8:*:*:*:*:*:*",
              "matchCriteriaId": "9FA0B20D-3FA1-42AE-BDC5-93D8A182927C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r9:*:*:*:*:*:*",
              "matchCriteriaId": "16DAA769-8F0D-4C54-A8D9-9902995605B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FCEFEAE-2A69-4B54-B59F-207E182587B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "03E34306-6D29-44FF-914C-F56A0BDB9BE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "72229EFD-B5F2-4EFA-9B62-8CB30767E9A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1FDDA64-2FFB-424B-84C3-5D12B023BEE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF23F7CD-2A2F-4074-9711-7AF001D27693",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DCED84C-D9C4-4863-8323-721C3009046E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "AFE8DB4A-9891-4647-82E2-EB5D377CAD25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r1:*:*:*:*:*:*",
              "matchCriteriaId": "26B25B34-7BD0-471B-A396-45CE5420E963",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r2:*:*:*:*:*:*",
              "matchCriteriaId": "AA514C05-2834-4C7B-B022-02B41C9AAD6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "0929C645-DACB-4341-9032-7C79FFC8BCF0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r3:*:*:*:*:*:*",
              "matchCriteriaId": "0D36CB5A-8389-4F2F-882A-4E8F30028799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r3.1:*:*:*:*:*:*",
              "matchCriteriaId": "517DA74B-9D69-45E1-A707-A08A305A507C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r4:*:*:*:*:*:*",
              "matchCriteriaId": "F72C00C7-017C-4C25-99B0-D7D42D969E92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "6418A649-3A63-40CC-BD7C-309B3B0B2595",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "A07B66E0-A679-4912-8CB1-CD134713EDC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r10:*:*:*:*:*:*",
              "matchCriteriaId": "BF767F07-2E9F-4099-829D-2F70E85D8A35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r11:*:*:*:*:*:*",
              "matchCriteriaId": "B994E22B-8FA5-4510-82F6-7820BDA7C307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r12:*:*:*:*:*:*",
              "matchCriteriaId": "FE5C4ABC-2BEB-4741-95B3-303903369818",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r13:*:*:*:*:*:*",
              "matchCriteriaId": "D50C5526-F791-4C76-B5C0-DA2E1281C9E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r14:*:*:*:*:*:*",
              "matchCriteriaId": "7A53C031-E7A5-47B6-BA4A-DD28432E743F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r15:*:*:*:*:*:*",
              "matchCriteriaId": "4BEE355B-1C2D-4BEB-8922-EAEAA5A1FAE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r16:*:*:*:*:*:*",
              "matchCriteriaId": "B90687F3-A5C1-4706-AD66-D78EE512E4C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r17:*:*:*:*:*:*",
              "matchCriteriaId": "D10A3F2D-6A62-4A48-93FB-274527C821D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r18:*:*:*:*:*:*",
              "matchCriteriaId": "811C7E7E-89AB-47DF-BACD-ED478DF756BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "6D37A6E4-D58E-444D-AF6A-15461F38E81A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "FC2B9DA0-E32B-4125-9986-F0D3814C66E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "C9A5BA3E-D6B3-453D-8DDF-FF16859FD0F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "6BE937D2-8BEE-4E64-8738-F550EAD00F50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "9C753520-1BC6-4980-AFC9-4C2FDDF2FD18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AC3863BC-3B9A-402B-A74A-149CDF717EC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r8:*:*:*:*:*:*",
              "matchCriteriaId": "E3C09D51-FDA0-4D07-87D8-F527C8CBDAFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r9:*:*:*:*:*:*",
              "matchCriteriaId": "092DA2A3-5CEF-433F-8E5B-4850E4095CC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "943AE706-D105-4F10-9CEE-DFED2B398BE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "97BA5833-4D1C-49FE-AED1-C05739C70D9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF784115-7006-49AE-96B9-E983936733B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F070F30-4AFE-4A02-843D-702F08F29630",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BC6B43E-6BBF-421A-9F9C-41FEBA72712B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "EED7C69C-6F3E-442E-BEBE-57E14AA2165F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack. In certain conditions this may lead to execution of arbitrary code "
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de desbordamiento de mont\u00f3n en el componente IPSec de Ivanti Connect Secure (9.x, 22.x) e Ivanti Policy Secure permite que un usuario malintencionado no autenticado env\u00ede solicitudes especialmente manipuladas para bloquear el servicio, provocando as\u00ed un ataque DoS. En determinadas condiciones, esto puede conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario."
    }
  ],
  "id": "CVE-2024-21894",
  "lastModified": "2024-11-21T08:55:12.850",
  "metrics": {
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.2,
        "source": "support@hackerone.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-04-04T23:15:15.640",
  "references": [
    {
      "source": "support@hackerone.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/SA-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/SA-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US"
    }
  ],
  "sourceIdentifier": "support@hackerone.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-703"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-07-27 23:15

Modified

2024-11-21 05:00

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Summary

An issue was discovered in Pulse Policy Secure (PPS) and Pulse Connect Secure (PCS) Virtual Appliance before 9.1R8. By manipulating a certain kernel boot parameter, it can be tricked into dropping into a root shell in a pre-install phase where the entire source code of the appliance is available and can be retrieved. (The source code is otherwise inaccessible because the appliance has its hard disks encrypted, and no root shell is available during normal operation.)

References

URL	Tags
cve@mitre.org	https://kb.pulsesecure.net/?atype=sa	Vendor Advisory
cve@mitre.org	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://kb.pulsesecure.net/?atype=sa	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
pulsesecure	pulse_connect_secure	*
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
pulsesecure	pulse_policy_secure	*

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4F450898-0B06-4073-9B76-BF22F68BD14F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "4B21C181-DC49-4EBD-9932-DBB337151FF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "4FEFC4B1-7350-46F9-80C1-42F5AE06142F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "DB7A6D62-6576-4713-9BF4-11068A72E8B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "843BC1B9-50CC-4F8F-A454-A0CEC6E92290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "D5355372-03EA-46D7-9104-A2785C29B664",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.2:*:*:*:*:*:*",
              "matchCriteriaId": "3DE32A0C-8944-4F51-A286-266055CA4B2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:*",
              "matchCriteriaId": "0349A0CC-A372-4E51-899E-D7BA67876F4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "93D1A098-BD77-4A7B-9070-A764FB435981",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "3CCC2D7B-F835-45EC-A316-2F0C5F2CF565",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AD812596-C77C-4129-982F-C22A25B52126",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "18272F7E-A9BA-4175-B6F6-F7E550D736CE",
              "versionEndIncluding": "9.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "A07B66E0-A679-4912-8CB1-CD134713EDC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "6D37A6E4-D58E-444D-AF6A-15461F38E81A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "FC2B9DA0-E32B-4125-9986-F0D3814C66E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3.1:*:*:*:*:*:*",
              "matchCriteriaId": "38A0D7CF-7D55-4933-AE8C-36006D6779E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "C9A5BA3E-D6B3-453D-8DDF-FF16859FD0F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "BAFDA618-D15D-401D-AC68-0020259FEC57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.2:*:*:*:*:*:*",
              "matchCriteriaId": "D55AB5F0-132F-4C40-BF4F-684E139B774B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "6BE937D2-8BEE-4E64-8738-F550EAD00F50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "9C753520-1BC6-4980-AFC9-4C2FDDF2FD18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AC3863BC-3B9A-402B-A74A-149CDF717EC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B031D2AE-70BE-48BB-A9E9-0A0DAAAFF55F",
              "versionEndIncluding": "9.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An issue was discovered in Pulse Policy Secure (PPS) and Pulse Connect Secure (PCS) Virtual Appliance before 9.1R8. By manipulating a certain kernel boot parameter, it can be tricked into dropping into a root shell in a pre-install phase where the entire source code of the appliance is available and can be retrieved. (The source code is otherwise inaccessible because the appliance has its hard disks encrypted, and no root shell is available during normal operation.)"
    },
    {
      "lang": "es",
      "value": "Se detect\u00f3 un problema en Pulse Policy Secure (PPS) y Pulse Connect Secure (PCS) Virtual Appliance versiones anteriores a 9.1R8. Al manipular un determinado par\u00e1metro de arranque del kernel, puede ser enga\u00f1ado para que caiga en un shell root en una fase previa a la instalaci\u00f3n donde el c\u00f3digo fuente completo del dispositivo est\u00e1 disponible y puede ser recuperado. (De lo contrario, el c\u00f3digo fuente es inaccesible porque el dispositivo posee sus discos duros cifrados y no existe ning\u00fan shell root disponible durante el funcionamiento normal)"
    }
  ],
  "id": "CVE-2020-12880",
  "lastModified": "2024-11-21T05:00:28.783",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.1,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-07-27T23:15:12.497",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.pulsesecure.net/?atype=sa"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.pulsesecure.net/?atype=sa"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2022-12-05 22:15

Modified

2025-04-24 15:15

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

An unauthenticated attacker can cause a denial-of-service to the following products: Ivanti Connect Secure (ICS) in versions prior to 9.1R14.3, 9.1R15.2, 9.1R16.2, and 22.2R4, Ivanti Policy Secure (IPS) in versions prior to 9.1R17 and 22.3R1, and Ivanti Neurons for Zero-Trust Access in versions prior to 22.3R1.

References

▶	URL	Tags
	support@hackerone.com	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA45520/?kA23Z000000GH5OSAW	Third Party Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA45520/?kA23Z000000GH5OSAW	Third Party Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	*
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	21.9
ivanti	connect_secure	21.12
ivanti	connect_secure	22.1
ivanti	connect_secure	22.2
ivanti	connect_secure	22.2
ivanti	neurons_for_zero-trust_access	22.2
ivanti	policy_secure	*
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	22.1
ivanti	policy_secure	22.2

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3281AC31-EAEC-4C8D-A0AA-3CDD1092D3EE",
              "versionEndExcluding": "9.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4F450898-0B06-4073-9B76-BF22F68BD14F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "4B21C181-DC49-4EBD-9932-DBB337151FF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r1.0:*:*:*:*:*:*",
              "matchCriteriaId": "130C8955-BDA4-4518-8EBA-740EB08FC3E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r10.0:*:*:*:*:*:*",
              "matchCriteriaId": "5AA4B39F-2FB9-4752-B1F1-18812B0990B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r10.2:*:*:*:*:*:*",
              "matchCriteriaId": "232BAB6C-D318-4F80-8F49-4E700C21F535",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.0:*:*:*:*:*:*",
              "matchCriteriaId": "ABD840BF-944E-4F4C-96DC-0256286338F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.1:*:*:*:*:*:*",
              "matchCriteriaId": "A1995F34-AE75-47C4-9A9D-DBB1D3E130E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.3:*:*:*:*:*:*",
              "matchCriteriaId": "366EF5B8-0233-49B8-806A-E54F60410ADE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.4:*:*:*:*:*:*",
              "matchCriteriaId": "6F2A7F5C-1D78-4D19-B8ED-5822FDF5DA63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.5:*:*:*:*:*:*",
              "matchCriteriaId": "2DDDA231-2A5E-4C70-8620-535C7F9027A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r12:*:*:*:*:*:*",
              "matchCriteriaId": "32E0B425-A9BA-4D00-84A9-46268072D696",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r12.1:*:*:*:*:*:*",
              "matchCriteriaId": "BBC724E8-195B-4CB4-AC2A-63E184AED4F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r12.2:*:*:*:*:*:*",
              "matchCriteriaId": "7162C24D-D181-49CC-B8C2-9EE3E0CDF846",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r13:*:*:*:*:*:*",
              "matchCriteriaId": "65435A96-EF7A-439A-AA6C-CB7EAEF0A963",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r13.1:*:*:*:*:*:*",
              "matchCriteriaId": "3027A9CE-849E-4CAE-A1C4-170DEAF4FE86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r14:*:*:*:*:*:*",
              "matchCriteriaId": "C132BA26-BCA0-43E6-9511-34ACFFA136A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r15:*:*:*:*:*:*",
              "matchCriteriaId": "CE228FBD-5AD1-4BC6-AF63-5248E671B04F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r16:*:*:*:*:*:*",
              "matchCriteriaId": "44C26423-8621-4F6D-A45B-0A6B6E873AB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r16.1:*:*:*:*:*:*",
              "matchCriteriaId": "BC391EB5-C457-459C-8EAA-EA0043487C0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "4FEFC4B1-7350-46F9-80C1-42F5AE06142F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r2.0:*:*:*:*:*:*",
              "matchCriteriaId": "4E2D041D-9BDD-416D-B658-1C517C854104",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "DB7A6D62-6576-4713-9BF4-11068A72E8B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r3.0:*:*:*:*:*:*",
              "matchCriteriaId": "7155EB34-E8E0-49AF-BDA2-FB4BFA44662E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "843BC1B9-50CC-4F8F-A454-A0CEC6E92290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.0:*:*:*:*:*:*",
              "matchCriteriaId": "25EE614A-5F32-4CA9-998A-4FAF16DC100C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "D5355372-03EA-46D7-9104-A2785C29B664",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.2:*:*:*:*:*:*",
              "matchCriteriaId": "3DE32A0C-8944-4F51-A286-266055CA4B2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:*",
              "matchCriteriaId": "0349A0CC-A372-4E51-899E-D7BA67876F4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "93D1A098-BD77-4A7B-9070-A764FB435981",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r5.0:*:*:*:*:*:*",
              "matchCriteriaId": "F49EE829-A2CD-491E-BFC3-7888491D7C58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "3CCC2D7B-F835-45EC-A316-2F0C5F2CF565",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r6.0:*:*:*:*:*:*",
              "matchCriteriaId": "2254DDF1-7FF3-49E1-8826-91F49A6794F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AD812596-C77C-4129-982F-C22A25B52126",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r7.0:*:*:*:*:*:*",
              "matchCriteriaId": "B8EA4DA8-CD09-41AC-ADCB-27CF771C016B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8:*:*:*:*:*:*",
              "matchCriteriaId": "9FA0B20D-3FA1-42AE-BDC5-93D8A182927C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8.0:*:*:*:*:*:*",
              "matchCriteriaId": "4D6CECCB-18BA-4219-95A2-2525A2BDCE36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8.1:*:*:*:*:*:*",
              "matchCriteriaId": "BFFA0B02-7F6D-4434-B1E7-EB8520FD68A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8.2:*:*:*:*:*:*",
              "matchCriteriaId": "DFE8FA87-9622-4D5B-99C7-D8EE230C0AA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8.4:*:*:*:*:*:*",
              "matchCriteriaId": "07AB853D-5A3F-4142-8417-1C9FB729A89E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r9:*:*:*:*:*:*",
              "matchCriteriaId": "16DAA769-8F0D-4C54-A8D9-9902995605B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r9.0:*:*:*:*:*:*",
              "matchCriteriaId": "B7006C07-0E3F-4890-A1B3-533E10924D49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r9.1:*:*:*:*:*:*",
              "matchCriteriaId": "B2C10C89-1DBC-4E91-BD28-D5097B589CA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r9.2:*:*:*:*:*:*",
              "matchCriteriaId": "F54753D0-6275-4F82-B874-55438D2983B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:21.9:r1:*:*:*:*:*:*",
              "matchCriteriaId": "BD52B87C-4BED-44AE-A959-A316DAF895EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:21.12:r1:*:*:*:*:*:*",
              "matchCriteriaId": "8CA29F12-36DE-4FBF-9EE7-7CE4B75AFA61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "80C56782-273A-4151-BE81-13FEEFE46A6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "361FAA47-52FF-4B36-96B0-9C178A4E031B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.2:r1:*:*:*:*:*:*",
              "matchCriteriaId": "BCBF6DD0-2826-4E61-8FB6-DB489EBF8981",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.2:r1:*:*:*:*:*:*",
              "matchCriteriaId": "24514B40-540E-45D7-90DC-BCC1D9D7E92C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "368E8A56-50E4-4400-8C18-B7426B112FFC",
              "versionEndExcluding": "9.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "6418A649-3A63-40CC-BD7C-309B3B0B2595",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "A07B66E0-A679-4912-8CB1-CD134713EDC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r10:*:*:*:*:*:*",
              "matchCriteriaId": "BF767F07-2E9F-4099-829D-2F70E85D8A35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r11:*:*:*:*:*:*",
              "matchCriteriaId": "B994E22B-8FA5-4510-82F6-7820BDA7C307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r12:*:*:*:*:*:*",
              "matchCriteriaId": "FE5C4ABC-2BEB-4741-95B3-303903369818",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r13:*:*:*:*:*:*",
              "matchCriteriaId": "D50C5526-F791-4C76-B5C0-DA2E1281C9E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r13.1:*:*:*:*:*:*",
              "matchCriteriaId": "2CB8240E-7683-4C39-9654-4F8D1F682288",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r14:*:*:*:*:*:*",
              "matchCriteriaId": "7A53C031-E7A5-47B6-BA4A-DD28432E743F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r15:*:*:*:*:*:*",
              "matchCriteriaId": "4BEE355B-1C2D-4BEB-8922-EAEAA5A1FAE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r16:*:*:*:*:*:*",
              "matchCriteriaId": "B90687F3-A5C1-4706-AD66-D78EE512E4C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "6D37A6E4-D58E-444D-AF6A-15461F38E81A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "FC2B9DA0-E32B-4125-9986-F0D3814C66E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3.1:*:*:*:*:*:*",
              "matchCriteriaId": "38A0D7CF-7D55-4933-AE8C-36006D6779E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "C9A5BA3E-D6B3-453D-8DDF-FF16859FD0F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "BAFDA618-D15D-401D-AC68-0020259FEC57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.2:*:*:*:*:*:*",
              "matchCriteriaId": "D55AB5F0-132F-4C40-BF4F-684E139B774B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "6BE937D2-8BEE-4E64-8738-F550EAD00F50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "9C753520-1BC6-4980-AFC9-4C2FDDF2FD18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AC3863BC-3B9A-402B-A74A-149CDF717EC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r8:*:*:*:*:*:*",
              "matchCriteriaId": "E3C09D51-FDA0-4D07-87D8-F527C8CBDAFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r8.1:*:*:*:*:*:*",
              "matchCriteriaId": "CCE2E1C0-680F-4EFF-ACE6-A1DAFA209D24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r8.2:*:*:*:*:*:*",
              "matchCriteriaId": "7ED1686B-2D80-4ECF-9F7A-AEA989E17C84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r9:*:*:*:*:*:*",
              "matchCriteriaId": "092DA2A3-5CEF-433F-8E5B-4850E4095CC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "A385F38B-0B03-4B69-B7A1-952F5BAE727C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.2:r1:*:*:*:*:*:*",
              "matchCriteriaId": "34C118FB-7AE0-466C-822A-348A2F6016AC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An unauthenticated attacker can cause a denial-of-service to the following products: Ivanti Connect Secure (ICS) in versions prior to 9.1R14.3, 9.1R15.2, 9.1R16.2, and 22.2R4, Ivanti Policy Secure (IPS) in versions prior to 9.1R17 and 22.3R1, and Ivanti Neurons for Zero-Trust Access in versions prior to 22.3R1."
    },
    {
      "lang": "es",
      "value": "Un atacante no autenticado puede provocar una Denegaci\u00f3n de Servicio (DoS) a los siguientes productos: \nIvanti Connect Secure (ICS) en versiones anteriores a 9.1R14.3, 9.1R15.2, 9.1R16.2 y 22.2R4, \nIvanti Policy Secure (IPS ) en versiones anteriores a 9.1R17 y 22.3R1,\ne Ivanti Neurons for Zero-Trust Access en versiones anteriores a 22.3R1."
    }
  ],
  "id": "CVE-2022-35254",
  "lastModified": "2025-04-24T15:15:47.600",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2022-12-05T22:15:10.457",
  "references": [
    {
      "source": "support@hackerone.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA45520/?kA23Z000000GH5OSAW"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA45520/?kA23Z000000GH5OSAW"
    }
  ],
  "sourceIdentifier": "support@hackerone.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-416"
        }
      ],
      "source": "support@hackerone.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-04-04 20:15

Modified

2024-11-21 08:55

Severity ?

8.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

Summary

A heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack or in certain conditions read contents from memory.

References

▶	URL	Tags
	support@hackerone.com	https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	22.1
ivanti	connect_secure	22.2
ivanti	connect_secure	22.3
ivanti	connect_secure	22.4
ivanti	connect_secure	22.5
ivanti	connect_secure	22.6
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	22.1
ivanti	policy_secure	22.2
ivanti	policy_secure	22.3
ivanti	policy_secure	22.4
ivanti	policy_secure	22.5
ivanti	policy_secure	22.6

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "4B21C181-DC49-4EBD-9932-DBB337151FF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r10:*:*:*:*:*:*",
              "matchCriteriaId": "5A3A93FE-41BF-43F2-9EFC-89656182329F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11:*:*:*:*:*:*",
              "matchCriteriaId": "8D5F47BA-DE6D-443D-95C3-A45F80EDC71E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.5:*:*:*:*:*:*",
              "matchCriteriaId": "2DDDA231-2A5E-4C70-8620-535C7F9027A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r12:*:*:*:*:*:*",
              "matchCriteriaId": "32E0B425-A9BA-4D00-84A9-46268072D696",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r13:*:*:*:*:*:*",
              "matchCriteriaId": "65435A96-EF7A-439A-AA6C-CB7EAEF0A963",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r14:*:*:lts:*:*:*",
              "matchCriteriaId": "4F06BC30-D62D-4A8F-8279-69C1A4A77357",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r15:*:*:*:*:*:*",
              "matchCriteriaId": "CE228FBD-5AD1-4BC6-AF63-5248E671B04F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r16:*:*:*:*:*:*",
              "matchCriteriaId": "44C26423-8621-4F6D-A45B-0A6B6E873AB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r17:*:*:*:*:*:*",
              "matchCriteriaId": "DB6CEA16-F422-48F1-9473-3931B1BFA63F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r18:*:*:*:*:*:*",
              "matchCriteriaId": "28FDE909-711C-41EC-8BA6-AC4DE05EA27E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "4FEFC4B1-7350-46F9-80C1-42F5AE06142F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "DB7A6D62-6576-4713-9BF4-11068A72E8B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "843BC1B9-50CC-4F8F-A454-A0CEC6E92290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "D5355372-03EA-46D7-9104-A2785C29B664",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.2:*:*:*:*:*:*",
              "matchCriteriaId": "3DE32A0C-8944-4F51-A286-266055CA4B2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:*",
              "matchCriteriaId": "0349A0CC-A372-4E51-899E-D7BA67876F4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "93D1A098-BD77-4A7B-9070-A764FB435981",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "3CCC2D7B-F835-45EC-A316-2F0C5F2CF565",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AD812596-C77C-4129-982F-C22A25B52126",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8:*:*:*:*:*:*",
              "matchCriteriaId": "9FA0B20D-3FA1-42AE-BDC5-93D8A182927C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r9:*:*:*:*:*:*",
              "matchCriteriaId": "16DAA769-8F0D-4C54-A8D9-9902995605B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FCEFEAE-2A69-4B54-B59F-207E182587B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "03E34306-6D29-44FF-914C-F56A0BDB9BE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "72229EFD-B5F2-4EFA-9B62-8CB30767E9A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1FDDA64-2FFB-424B-84C3-5D12B023BEE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF23F7CD-2A2F-4074-9711-7AF001D27693",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DCED84C-D9C4-4863-8323-721C3009046E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "AFE8DB4A-9891-4647-82E2-EB5D377CAD25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r1:*:*:*:*:*:*",
              "matchCriteriaId": "26B25B34-7BD0-471B-A396-45CE5420E963",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r2:*:*:*:*:*:*",
              "matchCriteriaId": "AA514C05-2834-4C7B-B022-02B41C9AAD6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "0929C645-DACB-4341-9032-7C79FFC8BCF0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r3:*:*:*:*:*:*",
              "matchCriteriaId": "0D36CB5A-8389-4F2F-882A-4E8F30028799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r3.1:*:*:*:*:*:*",
              "matchCriteriaId": "517DA74B-9D69-45E1-A707-A08A305A507C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r4:*:*:*:*:*:*",
              "matchCriteriaId": "F72C00C7-017C-4C25-99B0-D7D42D969E92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "6418A649-3A63-40CC-BD7C-309B3B0B2595",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "A07B66E0-A679-4912-8CB1-CD134713EDC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r10:*:*:*:*:*:*",
              "matchCriteriaId": "BF767F07-2E9F-4099-829D-2F70E85D8A35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r11:*:*:*:*:*:*",
              "matchCriteriaId": "B994E22B-8FA5-4510-82F6-7820BDA7C307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r12:*:*:*:*:*:*",
              "matchCriteriaId": "FE5C4ABC-2BEB-4741-95B3-303903369818",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r13:*:*:*:*:*:*",
              "matchCriteriaId": "D50C5526-F791-4C76-B5C0-DA2E1281C9E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r14:*:*:*:*:*:*",
              "matchCriteriaId": "7A53C031-E7A5-47B6-BA4A-DD28432E743F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r15:*:*:*:*:*:*",
              "matchCriteriaId": "4BEE355B-1C2D-4BEB-8922-EAEAA5A1FAE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r16:*:*:*:*:*:*",
              "matchCriteriaId": "B90687F3-A5C1-4706-AD66-D78EE512E4C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r17:*:*:*:*:*:*",
              "matchCriteriaId": "D10A3F2D-6A62-4A48-93FB-274527C821D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r18:*:*:*:*:*:*",
              "matchCriteriaId": "811C7E7E-89AB-47DF-BACD-ED478DF756BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "6D37A6E4-D58E-444D-AF6A-15461F38E81A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "FC2B9DA0-E32B-4125-9986-F0D3814C66E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "C9A5BA3E-D6B3-453D-8DDF-FF16859FD0F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "6BE937D2-8BEE-4E64-8738-F550EAD00F50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "9C753520-1BC6-4980-AFC9-4C2FDDF2FD18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AC3863BC-3B9A-402B-A74A-149CDF717EC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r8:*:*:*:*:*:*",
              "matchCriteriaId": "E3C09D51-FDA0-4D07-87D8-F527C8CBDAFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r9:*:*:*:*:*:*",
              "matchCriteriaId": "092DA2A3-5CEF-433F-8E5B-4850E4095CC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "943AE706-D105-4F10-9CEE-DFED2B398BE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "97BA5833-4D1C-49FE-AED1-C05739C70D9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF784115-7006-49AE-96B9-E983936733B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F070F30-4AFE-4A02-843D-702F08F29630",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BC6B43E-6BBF-421A-9F9C-41FEBA72712B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "EED7C69C-6F3E-442E-BEBE-57E14AA2165F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x\n 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack or in certain conditions read contents from memory. "
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de desbordamiento de mont\u00f3n en el componente IPSec de Ivanti Connect Secure (9.x 22.x) e Ivanti Policy Secure permite que un usuario malintencionado no autenticado env\u00ede solicitudes especialmente manipuladas para bloquear el servicio, provocando as\u00ed un ataque DoS o en determinadas condiciones. leer contenidos de la memoria."
    }
  ],
  "id": "CVE-2024-22053",
  "lastModified": "2024-11-21T08:55:28.270",
  "metrics": {
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.2,
        "source": "support@hackerone.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-04-04T20:15:08.500",
  "references": [
    {
      "source": "support@hackerone.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US"
    }
  ],
  "sourceIdentifier": "support@hackerone.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-703"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-10-28 13:15

Modified

2024-11-21 05:38

Severity ?

4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Summary

A vulnerability in the Pulse Connect Secure / Pulse Policy Secure < 9.1R9 is vulnerable to arbitrary cookie injection.

References

▶	URL	Tags
	support@hackerone.com	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
pulsesecure	pulse_connect_secure	*
pulsesecure	pulse_policy_secure	*

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "4B21C181-DC49-4EBD-9932-DBB337151FF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "4FEFC4B1-7350-46F9-80C1-42F5AE06142F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "DB7A6D62-6576-4713-9BF4-11068A72E8B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "843BC1B9-50CC-4F8F-A454-A0CEC6E92290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "93D1A098-BD77-4A7B-9070-A764FB435981",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "3CCC2D7B-F835-45EC-A316-2F0C5F2CF565",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AD812596-C77C-4129-982F-C22A25B52126",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8:*:*:*:*:*:*",
              "matchCriteriaId": "9FA0B20D-3FA1-42AE-BDC5-93D8A182927C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "A07B66E0-A679-4912-8CB1-CD134713EDC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "6D37A6E4-D58E-444D-AF6A-15461F38E81A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "FC2B9DA0-E32B-4125-9986-F0D3814C66E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "C9A5BA3E-D6B3-453D-8DDF-FF16859FD0F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "6BE937D2-8BEE-4E64-8738-F550EAD00F50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "9C753520-1BC6-4980-AFC9-4C2FDDF2FD18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AC3863BC-3B9A-402B-A74A-149CDF717EC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r8:*:*:*:*:*:*",
              "matchCriteriaId": "E3C09D51-FDA0-4D07-87D8-F527C8CBDAFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "43AF1D62-D827-4495-A4B0-CCA0C2BEE68F",
              "versionEndExcluding": "9.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "45F30A80-665D-4726-983C-36FED0CBF6E1",
              "versionEndExcluding": "9.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Pulse Connect Secure / Pulse Policy Secure \u003c 9.1R9 is vulnerable to arbitrary cookie injection."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en Pulse Connect Secure / Pulse Policy Secure versiones anteriores a 9.1R9, es vulnerable a una inyecci\u00f3n de cookies arbitraria"
    }
  ],
  "id": "CVE-2020-8261",
  "lastModified": "2024-11-21T05:38:36.697",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-10-28T13:15:13.137",
  "references": [
    {
      "source": "support@hackerone.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601"
    }
  ],
  "sourceIdentifier": "support@hackerone.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-120"
        }
      ],
      "source": "support@hackerone.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-120"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-07-30 13:15

Modified

2024-11-21 05:38

Severity ?

8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

An improper authentication vulnerability exists in Pulse Connect Secure <9.1RB that allows an attacker with a users primary credentials to bypass the Google TOTP.

References

▶	URL	Tags
	support@hackerone.com	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
pulsesecure	pulse_connect_secure	*
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
pulsesecure	pulse_policy_secure	*

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4F450898-0B06-4073-9B76-BF22F68BD14F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "4B21C181-DC49-4EBD-9932-DBB337151FF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "4FEFC4B1-7350-46F9-80C1-42F5AE06142F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "DB7A6D62-6576-4713-9BF4-11068A72E8B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "843BC1B9-50CC-4F8F-A454-A0CEC6E92290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "D5355372-03EA-46D7-9104-A2785C29B664",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.2:*:*:*:*:*:*",
              "matchCriteriaId": "3DE32A0C-8944-4F51-A286-266055CA4B2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:*",
              "matchCriteriaId": "0349A0CC-A372-4E51-899E-D7BA67876F4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "93D1A098-BD77-4A7B-9070-A764FB435981",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "3CCC2D7B-F835-45EC-A316-2F0C5F2CF565",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AD812596-C77C-4129-982F-C22A25B52126",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "18272F7E-A9BA-4175-B6F6-F7E550D736CE",
              "versionEndIncluding": "9.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "6418A649-3A63-40CC-BD7C-309B3B0B2595",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "A07B66E0-A679-4912-8CB1-CD134713EDC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "6D37A6E4-D58E-444D-AF6A-15461F38E81A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "FC2B9DA0-E32B-4125-9986-F0D3814C66E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3.1:*:*:*:*:*:*",
              "matchCriteriaId": "38A0D7CF-7D55-4933-AE8C-36006D6779E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "C9A5BA3E-D6B3-453D-8DDF-FF16859FD0F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "BAFDA618-D15D-401D-AC68-0020259FEC57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.2:*:*:*:*:*:*",
              "matchCriteriaId": "D55AB5F0-132F-4C40-BF4F-684E139B774B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "6BE937D2-8BEE-4E64-8738-F550EAD00F50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "9C753520-1BC6-4980-AFC9-4C2FDDF2FD18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AC3863BC-3B9A-402B-A74A-149CDF717EC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B031D2AE-70BE-48BB-A9E9-0A0DAAAFF55F",
              "versionEndIncluding": "9.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An improper authentication vulnerability exists in Pulse Connect Secure \u003c9.1RB that allows an attacker with a users primary credentials to bypass the Google TOTP."
    },
    {
      "lang": "es",
      "value": "Se presenta una vulnerabilidad de autenticaci\u00f3n inapropiada en Pulse Connect Secure versiones anteriores a 9.1RB, que permite a un atacante con credenciales primarias de los usuarios omitir el TOTP de Google"
    }
  ],
  "id": "CVE-2020-8206",
  "lastModified": "2024-11-21T05:38:30.207",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-07-30T13:15:11.533",
  "references": [
    {
      "source": "support@hackerone.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
    }
  ],
  "sourceIdentifier": "support@hackerone.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "support@hackerone.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-10-28 13:15

Modified

2024-11-21 05:38

Severity ?

6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Summary

A vulnerability in the Pulse Connect Secure / Pulse Policy Secure below 9.1R9 could allow attackers to conduct Cross-Site Scripting (XSS) and Open Redirection for authenticated user web interface.

References

▶	URL	Tags
	support@hackerone.com	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
pulsesecure	pulse_connect_secure	*
pulsesecure	pulse_policy_secure	*

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "4B21C181-DC49-4EBD-9932-DBB337151FF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "4FEFC4B1-7350-46F9-80C1-42F5AE06142F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "DB7A6D62-6576-4713-9BF4-11068A72E8B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "843BC1B9-50CC-4F8F-A454-A0CEC6E92290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "93D1A098-BD77-4A7B-9070-A764FB435981",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "3CCC2D7B-F835-45EC-A316-2F0C5F2CF565",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AD812596-C77C-4129-982F-C22A25B52126",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8:*:*:*:*:*:*",
              "matchCriteriaId": "9FA0B20D-3FA1-42AE-BDC5-93D8A182927C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "A07B66E0-A679-4912-8CB1-CD134713EDC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "6D37A6E4-D58E-444D-AF6A-15461F38E81A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "FC2B9DA0-E32B-4125-9986-F0D3814C66E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "C9A5BA3E-D6B3-453D-8DDF-FF16859FD0F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "6BE937D2-8BEE-4E64-8738-F550EAD00F50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "9C753520-1BC6-4980-AFC9-4C2FDDF2FD18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AC3863BC-3B9A-402B-A74A-149CDF717EC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r8:*:*:*:*:*:*",
              "matchCriteriaId": "E3C09D51-FDA0-4D07-87D8-F527C8CBDAFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "43AF1D62-D827-4495-A4B0-CCA0C2BEE68F",
              "versionEndExcluding": "9.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "45F30A80-665D-4726-983C-36FED0CBF6E1",
              "versionEndExcluding": "9.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Pulse Connect Secure / Pulse Policy Secure below 9.1R9 could allow attackers to conduct Cross-Site Scripting (XSS) and Open Redirection for authenticated user web interface."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en Pulse Connect Secure / Pulse Policy Secure versiones por debajo de 9.1R9, podr\u00eda permitir a atacantes conducir ataques de tipo Cross-Site Scripting (XSS) y Redireccionamiento Abierto para la interfaz de usuario web autenticada"
    }
  ],
  "id": "CVE-2020-8262",
  "lastModified": "2024-11-21T05:38:36.810",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-10-28T13:15:13.213",
  "references": [
    {
      "source": "support@hackerone.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601"
    }
  ],
  "sourceIdentifier": "support@hackerone.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "support@hackerone.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-11-12 16:15

Modified

2025-01-17 20:27

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

Excessive binary privileges in Ivanti Connect Secure before version 22.7R2.3 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1.2 (Not Applicable to 9.1Rx) allows a local authenticated attacker to escalate privileges.

References

▶	URL	Tags
	3c1d8aa1-5a33-4ea4-8992-aadd6440af75	https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	*
ivanti	connect_secure	*
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	policy_secure	*
ivanti	policy_secure	*
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3281AC31-EAEC-4C8D-A0AA-3CDD1092D3EE",
              "versionEndExcluding": "9.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8B38BEE-671B-4B29-A230-C92ACEE60C74",
              "versionEndExcluding": "22.7",
              "versionStartExcluding": "9.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "F788F6D9-5368-4B8E-BFA0-E8FB3CDADB01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "2927A40D-E8A3-4DB6-9C93-04A6C6035C3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "1399BBB4-E62B-4FF6-B9E3-6AAC68D4D583",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "1EAD1423-4477-4C35-BF93-697A2C0697C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.3:*:*:*:*:*:*",
              "matchCriteriaId": "858353BC-12CB-4014-BFCA-DA7B1B3DD4B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.4:*:*:*:*:*:*",
              "matchCriteriaId": "865F72BF-57B2-4B0C-BACE-3500E0AE6751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.5:*:*:*:*:*:*",
              "matchCriteriaId": "39E11407-E0C0-454F-B731-7DA4CBC696EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:*",
              "matchCriteriaId": "247E71F8-A03B-4097-B7BF-09F8BF3ED4D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "E0059C69-4A18-4153-9D9A-5C1B03AD1453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.2:*:*:*:*:*:*",
              "matchCriteriaId": "FC523C88-115E-4CD9-A8CB-AE6E6610F7D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "368E8A56-50E4-4400-8C18-B7426B112FFC",
              "versionEndExcluding": "9.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0905A2B5-F9DF-48C9-9DA4-2D4C1C7BC0F5",
              "versionEndExcluding": "22.7",
              "versionStartExcluding": "9.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "FD9BE8C2-43EB-4870-A4B7-267CB17A19F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "C8915BB2-C1C0-4189-A847-DDB2EF161D62",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Excessive binary privileges in Ivanti Connect Secure before version 22.7R2.3 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1.2 (Not Applicable to 9.1Rx) allows a local authenticated attacker to escalate privileges."
    },
    {
      "lang": "es",
      "value": "Los privilegios binarios excesivos en Ivanti Connect Secure, que afectan a las versiones 22.4R2 a 22.7R2.2 inclusive dentro de la l\u00ednea de lanzamiento R2 y a Ivanti Policy Secure anterior a la versi\u00f3n 22.7R1.2, permiten que un atacante autenticado local escale privilegios."
    }
  ],
  "id": "CVE-2024-47906",
  "lastModified": "2025-01-17T20:27:14.100",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-11-12T16:15:22.670",
  "references": [
    {
      "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
    }
  ],
  "sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-267"
        },
        {
          "lang": "en",
          "value": "CWE-426"
        }
      ],
      "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-426"
        },
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2025-07-08 15:15

Modified

2025-07-15 13:23

Severity ?

6.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
2.7 (Low) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N

Summary

Improper access control in the certificate management component of Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a remote authenticated admin with read-only rights to modify settings that should be restricted.

References

▶	URL	Tags
	3c1d8aa1-5a33-4ea4-8992-aadd6440af75	https://forums.ivanti.com/s/article/July-Security-Advisory-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Multiple-CVEs	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	*
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	policy_secure	*
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "201EB882-0B2A-47DB-B517-1E72A0542B27",
              "versionEndExcluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "F788F6D9-5368-4B8E-BFA0-E8FB3CDADB01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "2927A40D-E8A3-4DB6-9C93-04A6C6035C3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "1399BBB4-E62B-4FF6-B9E3-6AAC68D4D583",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "1EAD1423-4477-4C35-BF93-697A2C0697C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.3:*:*:*:*:*:*",
              "matchCriteriaId": "858353BC-12CB-4014-BFCA-DA7B1B3DD4B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.4:*:*:*:*:*:*",
              "matchCriteriaId": "865F72BF-57B2-4B0C-BACE-3500E0AE6751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.5:*:*:*:*:*:*",
              "matchCriteriaId": "39E11407-E0C0-454F-B731-7DA4CBC696EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:*",
              "matchCriteriaId": "247E71F8-A03B-4097-B7BF-09F8BF3ED4D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "E0059C69-4A18-4153-9D9A-5C1B03AD1453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.2:*:*:*:*:*:*",
              "matchCriteriaId": "FC523C88-115E-4CD9-A8CB-AE6E6610F7D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.3:*:*:*:*:*:*",
              "matchCriteriaId": "3447428E-DBCD-4553-B51D-AC08ECAFD881",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.4:*:*:*:*:*:*",
              "matchCriteriaId": "A08BAF98-7F05-4596-8BFC-91F1A79D3BD1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.5:*:*:*:*:*:*",
              "matchCriteriaId": "40717D97-A062-49C4-B105-C22AAC3A206A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.6:*:*:*:*:*:*",
              "matchCriteriaId": "C3019D80-C578-437E-A304-F49F1AEC24F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.7:*:*:*:*:*:*",
              "matchCriteriaId": "A2EFC001-63D4-4FD0-8E14-C5A1C9E3BF9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAD0FC91-CA1E-4DC3-A37E-1BF98906D07C",
              "versionEndExcluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "1F22B988-2585-4853-9838-AB3746C8B888",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "FD9BE8C2-43EB-4870-A4B7-267CB17A19F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "C8915BB2-C1C0-4189-A847-DDB2EF161D62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "8D24A8DB-D697-4C60-935D-B08EE36861CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.3:*:*:*:*:*:*",
              "matchCriteriaId": "4C12D325-77E1-4873-8A77-D76F4A73BCF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.4:*:*:*:*:*:*",
              "matchCriteriaId": "95E4AE0D-614C-4300-9ADB-8442EF9A84C5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Improper access control in the certificate management component of Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a remote authenticated admin with read-only rights to modify settings that should be restricted."
    },
    {
      "lang": "es",
      "value": "El control de acceso inadecuado en el componente de administraci\u00f3n de certificados de Ivanti Connect Secure anterior a la versi\u00f3n 22.7R2.8 y de Ivanti Policy Secure anterior a la versi\u00f3n 22.7R1.5 permite que un administrador autenticado remoto con derechos de solo lectura modifique configuraciones que deber\u00edan estar restringidas."
    }
  ],
  "id": "CVE-2025-5450",
  "lastModified": "2025-07-15T13:23:45.850",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 6.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.4,
        "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 2.7,
          "baseSeverity": "LOW",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-07-08T15:15:31.103",
  "references": [
    {
      "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/July-Security-Advisory-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Multiple-CVEs"
    }
  ],
  "sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-602"
        }
      ],
      "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2025-01-08 23:15

Modified

2025-01-14 15:58

Severity ?

7.0 (High) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
7.0 (High) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a local authenticated attacker to escalate their privileges.

References

▶	URL	Tags
	3c1d8aa1-5a33-4ea4-8992-aadd6440af75	https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-0282-CVE-2025-0283	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	*
ivanti	connect_secure	*
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	21.9
ivanti	connect_secure	21.12
ivanti	connect_secure	22.1
ivanti	connect_secure	22.1
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	neurons_for_zero-trust_access	-
ivanti	neurons_for_zero-trust_access	22.2
ivanti	neurons_for_zero-trust_access	22.2
ivanti	neurons_for_zero-trust_access	22.2
ivanti	neurons_for_zero-trust_access	22.3
ivanti	neurons_for_zero-trust_access	22.3
ivanti	neurons_for_zero-trust_access	22.4
ivanti	neurons_for_zero-trust_access	22.4
ivanti	neurons_for_zero-trust_access	22.5
ivanti	neurons_for_zero-trust_access	22.5
ivanti	neurons_for_zero-trust_access	22.6
ivanti	neurons_for_zero-trust_access	22.6
ivanti	neurons_for_zero-trust_access	22.6
ivanti	neurons_for_zero-trust_access	22.6
ivanti	neurons_for_zero-trust_access	22.6
ivanti	neurons_for_zero-trust_access	22.6
ivanti	neurons_for_zero-trust_access	22.7
ivanti	neurons_for_zero-trust_access	22.7
ivanti	neurons_for_zero-trust_access	22.7
ivanti	neurons_for_zero-trust_access	22.7
ivanti	neurons_for_zero-trust_access	22.7
ivanti	neurons_for_zero-trust_access	22.7
ivanti	neurons_for_zero-trust_access	22.7
ivanti	neurons_for_zero-trust_access	22.7
ivanti	neurons_for_zero-trust_access	22.7
ivanti	policy_secure	*
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3281AC31-EAEC-4C8D-A0AA-3CDD1092D3EE",
              "versionEndExcluding": "9.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C990BF25-46FA-491B-BED0-7C41F10EA49C",
              "versionEndExcluding": "22.7",
              "versionStartIncluding": "22.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4F450898-0B06-4073-9B76-BF22F68BD14F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "4B21C181-DC49-4EBD-9932-DBB337151FF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r1.0:*:*:*:*:*:*",
              "matchCriteriaId": "130C8955-BDA4-4518-8EBA-740EB08FC3E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r10:*:*:*:*:*:*",
              "matchCriteriaId": "5A3A93FE-41BF-43F2-9EFC-89656182329F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r10.0:*:*:*:*:*:*",
              "matchCriteriaId": "5AA4B39F-2FB9-4752-B1F1-18812B0990B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r10.2:*:*:*:*:*:*",
              "matchCriteriaId": "232BAB6C-D318-4F80-8F49-4E700C21F535",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11:*:*:*:*:*:*",
              "matchCriteriaId": "8D5F47BA-DE6D-443D-95C3-A45F80EDC71E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.0:*:*:*:*:*:*",
              "matchCriteriaId": "ABD840BF-944E-4F4C-96DC-0256286338F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.1:*:*:*:*:*:*",
              "matchCriteriaId": "A1995F34-AE75-47C4-9A9D-DBB1D3E130E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.3:*:*:*:*:*:*",
              "matchCriteriaId": "366EF5B8-0233-49B8-806A-E54F60410ADE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.4:*:*:*:*:*:*",
              "matchCriteriaId": "6F2A7F5C-1D78-4D19-B8ED-5822FDF5DA63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.5:*:*:*:*:*:*",
              "matchCriteriaId": "2DDDA231-2A5E-4C70-8620-535C7F9027A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r12:*:*:*:*:*:*",
              "matchCriteriaId": "32E0B425-A9BA-4D00-84A9-46268072D696",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r12.1:*:*:*:*:*:*",
              "matchCriteriaId": "BBC724E8-195B-4CB4-AC2A-63E184AED4F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r12.2:*:*:*:*:*:*",
              "matchCriteriaId": "7162C24D-D181-49CC-B8C2-9EE3E0CDF846",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r13:*:*:*:*:*:*",
              "matchCriteriaId": "65435A96-EF7A-439A-AA6C-CB7EAEF0A963",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r13.1:*:*:*:*:*:*",
              "matchCriteriaId": "3027A9CE-849E-4CAE-A1C4-170DEAF4FE86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r14:*:*:*:*:*:*",
              "matchCriteriaId": "C132BA26-BCA0-43E6-9511-34ACFFA136A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r14.4:*:*:*:*:*:*",
              "matchCriteriaId": "06520C75-9326-4C21-8AD6-6DE1ED031959",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r15:*:*:*:*:*:*",
              "matchCriteriaId": "CE228FBD-5AD1-4BC6-AF63-5248E671B04F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r15.2:*:*:*:*:*:*",
              "matchCriteriaId": "D7DBCD6B-B7AA-4AB0-852F-563A2EC85DB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r16:*:*:*:*:*:*",
              "matchCriteriaId": "44C26423-8621-4F6D-A45B-0A6B6E873AB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r16.1:*:*:*:*:*:*",
              "matchCriteriaId": "BC391EB5-C457-459C-8EAA-EA0043487C0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r17:*:*:*:*:*:*",
              "matchCriteriaId": "DB6CEA16-F422-48F1-9473-3931B1BFA63F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r17.1:*:*:*:*:*:*",
              "matchCriteriaId": "E238AB9F-99C1-4F0D-B442-D390065D35D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r17.2:*:*:*:*:*:*",
              "matchCriteriaId": "8971445A-D65F-4C0E-906F-7AC4953C5689",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r18:*:*:*:*:*:*",
              "matchCriteriaId": "28FDE909-711C-41EC-8BA6-AC4DE05EA27E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r18.1:*:*:*:*:*:*",
              "matchCriteriaId": "080CD832-3324-4158-A4CD-3A2E49B7BC74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r18.2:*:*:*:*:*:*",
              "matchCriteriaId": "DB2B8165-E9D4-4549-B16E-A62810BDAF8D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r18.3:*:*:*:*:*:*",
              "matchCriteriaId": "014C7627-F211-48B1-80FA-3A7F608B4F23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r18.7:*:*:*:*:*:*",
              "matchCriteriaId": "A5592C84-538C-47AB-8042-09B42D89BB0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r18.8:*:*:*:*:*:*",
              "matchCriteriaId": "7DC6A046-F81C-4CBA-B06E-081AA550C91C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r18.9:*:*:*:*:*:*",
              "matchCriteriaId": "95500536-B5FD-4373-BF78-FB17745EB5F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:*",
              "matchCriteriaId": "0349A0CC-A372-4E51-899E-D7BA67876F4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8:*:*:*:*:*:*",
              "matchCriteriaId": "9FA0B20D-3FA1-42AE-BDC5-93D8A182927C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:21.9:r1:*:*:*:*:*:*",
              "matchCriteriaId": "BD52B87C-4BED-44AE-A959-A316DAF895EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:21.12:r1:*:*:*:*:*:*",
              "matchCriteriaId": "8CA29F12-36DE-4FBF-9EE7-7CE4B75AFA61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "80C56782-273A-4151-BE81-13FEEFE46A6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "6564FE9E-7D96-4226-8378-DAC25525CDD1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "F788F6D9-5368-4B8E-BFA0-E8FB3CDADB01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "2927A40D-E8A3-4DB6-9C93-04A6C6035C3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "1399BBB4-E62B-4FF6-B9E3-6AAC68D4D583",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "1EAD1423-4477-4C35-BF93-697A2C0697C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.3:*:*:*:*:*:*",
              "matchCriteriaId": "858353BC-12CB-4014-BFCA-DA7B1B3DD4B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.4:*:*:*:*:*:*",
              "matchCriteriaId": "865F72BF-57B2-4B0C-BACE-3500E0AE6751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.5:*:*:*:*:*:*",
              "matchCriteriaId": "39E11407-E0C0-454F-B731-7DA4CBC696EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:*",
              "matchCriteriaId": "247E71F8-A03B-4097-B7BF-09F8BF3ED4D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "E0059C69-4A18-4153-9D9A-5C1B03AD1453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.2:*:*:*:*:*:*",
              "matchCriteriaId": "FC523C88-115E-4CD9-A8CB-AE6E6610F7D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.3:*:*:*:*:*:*",
              "matchCriteriaId": "3447428E-DBCD-4553-B51D-AC08ECAFD881",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.4:*:*:*:*:*:*",
              "matchCriteriaId": "A08BAF98-7F05-4596-8BFC-91F1A79D3BD1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E4387B4-BC5C-41DE-92DA-84866A649AD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.2:r1:*:*:*:*:*:*",
              "matchCriteriaId": "24514B40-540E-45D7-90DC-BCC1D9D7E92C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.2:r4:*:*:*:*:*:*",
              "matchCriteriaId": "BFD510E9-12DC-4942-BAA0-6405CBD905EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.2:r5:*:*:*:*:*:*",
              "matchCriteriaId": "EA11BB6D-36C7-438B-A5A7-71C3CB2E5EC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.3:r1:*:*:*:*:*:*",
              "matchCriteriaId": "7B01001B-FA11-4297-AB81-12A00B97C820",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.3:r4:*:*:*:*:*:*",
              "matchCriteriaId": "9F28E6B1-44AB-4635-8939-5B0A44BED1E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.4:r1:*:*:*:*:*:*",
              "matchCriteriaId": "3E9D957B-49F9-492D-A66A-0D25BA27AD35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.4:r3:*:*:*:*:*:*",
              "matchCriteriaId": "D1AB497E-E403-4DEE-A83D-CB2E119E5E96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.5:r1:*:*:*:*:*:*",
              "matchCriteriaId": "CA6B3322-9AFB-44B5-B571-995AB606FD01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.5:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "47CB7C12-D642-4015-842C-37241F87DB86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.6:r1:*:*:*:*:*:*",
              "matchCriteriaId": "58E49DF1-F66A-4F52-87FA-A50DFD735ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.6:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "62A0393A-C1C6-4708-BC41-5A5B8FB765FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.6:r1.3:*:*:*:*:*:*",
              "matchCriteriaId": "1F3358B0-4751-4DCD-8BFC-BB4C68505658",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.6:r1.5:*:*:*:*:*:*",
              "matchCriteriaId": "5C9313A0-2F33-412B-A6F0-E51AE19E199B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.6:r1.6:*:*:*:*:*:*",
              "matchCriteriaId": "2979603E-F5CF-4C53-9828-36795E1B6247",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.6:r1.7:*:*:*:*:*:*",
              "matchCriteriaId": "D0D33C96-EE5C-41EB-8D9F-88ED025C191A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "9F0A44E1-3670-4AD5-A54D-FDA6C200AA73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.7:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "C5B4CE43-2D9B-4DF9-AC2A-F649622CD190",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.7:r1.3:*:*:*:*:*:*",
              "matchCriteriaId": "3C9B3FF8-F613-404D-BC85-9DD6F2A6DB5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.7:r1.4:*:*:*:*:*:*",
              "matchCriteriaId": "CFC583B5-18F5-4943-8C68-6C601857CE5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.7:r1.5:*:*:*:*:*:*",
              "matchCriteriaId": "6E4DE5D9-C92B-4143-835F-2D16F0CC328F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.7:r1.6:*:*:*:*:*:*",
              "matchCriteriaId": "F874F69E-C621-4C4B-802F-900E7BFAB71B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.7:r2:*:*:*:*:*:*",
              "matchCriteriaId": "67D43D1D-564D-4ACD-B0FF-3828B95E9864",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.7:r2.2:*:*:*:*:*:*",
              "matchCriteriaId": "BC8480E0-17C0-4590-950F-D3954E735365",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.7:r2.3:*:*:*:*:*:*",
              "matchCriteriaId": "3FAF4FB0-A88C-4A87-B6CB-32EF7B415885",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAD0FC91-CA1E-4DC3-A37E-1BF98906D07C",
              "versionEndExcluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "1F22B988-2585-4853-9838-AB3746C8B888",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "FD9BE8C2-43EB-4870-A4B7-267CB17A19F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "C8915BB2-C1C0-4189-A847-DDB2EF161D62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "8D24A8DB-D697-4C60-935D-B08EE36861CB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a local authenticated attacker to escalate their privileges."
    },
    {
      "lang": "es",
      "value": "Un desbordamiento de b\u00fafer basado en pila en Ivanti Connect Secure anterior a la versi\u00f3n 22.7R2.5, Ivanti Policy Secure anterior a la versi\u00f3n 22.7R1.2 e Ivanti Neurons para puertas de enlace ZTA anteriores a la versi\u00f3n 22.7R2.3 permite que un atacante autenticado local escale sus privilegios."
    }
  ],
  "id": "CVE-2025-0283",
  "lastModified": "2025-01-14T15:58:55.813",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.0,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.0,
        "impactScore": 5.9,
        "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.0,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.0,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-01-08T23:15:09.920",
  "references": [
    {
      "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-0282-CVE-2025-0283"
    }
  ],
  "sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-121"
        }
      ],
      "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-11-13 02:15

Modified

2025-07-11 13:53

Severity ?

9.1 (Critical) - CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Summary

Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti Policy Secure before version 22.7R1.1 allows a remote authenticated attacker with admin privileges to achieve remote code execution.

References

▶	URL	Tags
	support@hackerone.com	https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	*
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	policy_secure	*
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "201EB882-0B2A-47DB-B517-1E72A0542B27",
              "versionEndExcluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "F788F6D9-5368-4B8E-BFA0-E8FB3CDADB01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "2927A40D-E8A3-4DB6-9C93-04A6C6035C3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "1399BBB4-E62B-4FF6-B9E3-6AAC68D4D583",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "1EAD1423-4477-4C35-BF93-697A2C0697C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.3:*:*:*:*:*:*",
              "matchCriteriaId": "858353BC-12CB-4014-BFCA-DA7B1B3DD4B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.4:*:*:*:*:*:*",
              "matchCriteriaId": "865F72BF-57B2-4B0C-BACE-3500E0AE6751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.5:*:*:*:*:*:*",
              "matchCriteriaId": "39E11407-E0C0-454F-B731-7DA4CBC696EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:*",
              "matchCriteriaId": "247E71F8-A03B-4097-B7BF-09F8BF3ED4D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "E0059C69-4A18-4153-9D9A-5C1B03AD1453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.2:*:*:*:*:*:*",
              "matchCriteriaId": "FC523C88-115E-4CD9-A8CB-AE6E6610F7D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAD0FC91-CA1E-4DC3-A37E-1BF98906D07C",
              "versionEndExcluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "1F22B988-2585-4853-9838-AB3746C8B888",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "FD9BE8C2-43EB-4870-A4B7-267CB17A19F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "C8915BB2-C1C0-4189-A847-DDB2EF161D62",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti Policy Secure before version 22.7R1.1 allows a remote authenticated attacker with admin privileges to achieve remote code execution."
    },
    {
      "lang": "es",
      "value": "La inyecci\u00f3n de argumentos en Ivanti Connect Secure anterior a la versi\u00f3n 22.7R2.1 y 9.1R18.7 y en Ivanti Policy Secure anterior a la versi\u00f3n 22.7R1.1 permite que un atacante remoto autenticado con privilegios de administrador logre la ejecuci\u00f3n remota de c\u00f3digo."
    }
  ],
  "id": "CVE-2024-39712",
  "lastModified": "2025-07-11T13:53:42.127",
  "metrics": {
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.1,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 6.0,
        "source": "support@hackerone.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-11-13T02:15:19.480",
  "references": [
    {
      "source": "support@hackerone.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
    }
  ],
  "sourceIdentifier": "support@hackerone.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-88"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-11-13 02:15

Modified

2025-07-11 13:53

Severity ?

9.1 (Critical) - CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Summary

Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti Policy Secure before version 22.7R1.1 allows a remote authenticated attacker with admin privileges to achieve remote code execution.

References

▶	URL	Tags
	support@hackerone.com	https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	*
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	policy_secure	*
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "201EB882-0B2A-47DB-B517-1E72A0542B27",
              "versionEndExcluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "F788F6D9-5368-4B8E-BFA0-E8FB3CDADB01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "2927A40D-E8A3-4DB6-9C93-04A6C6035C3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "1399BBB4-E62B-4FF6-B9E3-6AAC68D4D583",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "1EAD1423-4477-4C35-BF93-697A2C0697C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.3:*:*:*:*:*:*",
              "matchCriteriaId": "858353BC-12CB-4014-BFCA-DA7B1B3DD4B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.4:*:*:*:*:*:*",
              "matchCriteriaId": "865F72BF-57B2-4B0C-BACE-3500E0AE6751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.5:*:*:*:*:*:*",
              "matchCriteriaId": "39E11407-E0C0-454F-B731-7DA4CBC696EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:*",
              "matchCriteriaId": "247E71F8-A03B-4097-B7BF-09F8BF3ED4D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "E0059C69-4A18-4153-9D9A-5C1B03AD1453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.2:*:*:*:*:*:*",
              "matchCriteriaId": "FC523C88-115E-4CD9-A8CB-AE6E6610F7D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAD0FC91-CA1E-4DC3-A37E-1BF98906D07C",
              "versionEndExcluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "1F22B988-2585-4853-9838-AB3746C8B888",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "FD9BE8C2-43EB-4870-A4B7-267CB17A19F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "C8915BB2-C1C0-4189-A847-DDB2EF161D62",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti Policy Secure before version 22.7R1.1  allows a remote authenticated attacker with admin privileges to achieve remote code execution."
    },
    {
      "lang": "es",
      "value": "La inyecci\u00f3n de argumentos en Ivanti Connect Secure anterior a la versi\u00f3n 22.7R2.1 y 9.1R18.7 y en Ivanti Policy Secure anterior a la versi\u00f3n 22.7R1.1 permite que un atacante remoto autenticado con privilegios de administrador logre la ejecuci\u00f3n remota de c\u00f3digo."
    }
  ],
  "id": "CVE-2024-39711",
  "lastModified": "2025-07-11T13:53:54.127",
  "metrics": {
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.1,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 6.0,
        "source": "support@hackerone.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-11-13T02:15:19.317",
  "references": [
    {
      "source": "support@hackerone.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
    }
  ],
  "sourceIdentifier": "support@hackerone.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-88"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-11-12 16:15

Modified

2025-03-13 16:15

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

A use-after-free in Ivanti Connect Secure before version 22.7R2.3 and 9.1R18.9 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker to achieve remote code execution

References

▶	URL	Tags
	3c1d8aa1-5a33-4ea4-8992-aadd6440af75	https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	*
ivanti	connect_secure	*
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	policy_secure	*
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3281AC31-EAEC-4C8D-A0AA-3CDD1092D3EE",
              "versionEndExcluding": "9.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C616EB87-8CE7-44E1-92A7-E5ED6E8C414A",
              "versionEndExcluding": "22.7",
              "versionStartIncluding": "21.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4F450898-0B06-4073-9B76-BF22F68BD14F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "4B21C181-DC49-4EBD-9932-DBB337151FF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r1.0:*:*:*:*:*:*",
              "matchCriteriaId": "130C8955-BDA4-4518-8EBA-740EB08FC3E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r10:*:*:*:*:*:*",
              "matchCriteriaId": "5A3A93FE-41BF-43F2-9EFC-89656182329F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r10.0:*:*:*:*:*:*",
              "matchCriteriaId": "5AA4B39F-2FB9-4752-B1F1-18812B0990B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r10.2:*:*:*:*:*:*",
              "matchCriteriaId": "232BAB6C-D318-4F80-8F49-4E700C21F535",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11:*:*:*:*:*:*",
              "matchCriteriaId": "8D5F47BA-DE6D-443D-95C3-A45F80EDC71E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.0:*:*:*:*:*:*",
              "matchCriteriaId": "ABD840BF-944E-4F4C-96DC-0256286338F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.1:*:*:*:*:*:*",
              "matchCriteriaId": "A1995F34-AE75-47C4-9A9D-DBB1D3E130E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.3:*:*:*:*:*:*",
              "matchCriteriaId": "366EF5B8-0233-49B8-806A-E54F60410ADE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.4:*:*:*:*:*:*",
              "matchCriteriaId": "6F2A7F5C-1D78-4D19-B8ED-5822FDF5DA63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.5:*:*:*:*:*:*",
              "matchCriteriaId": "2DDDA231-2A5E-4C70-8620-535C7F9027A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r12:*:*:*:*:*:*",
              "matchCriteriaId": "32E0B425-A9BA-4D00-84A9-46268072D696",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r12.1:*:*:*:*:*:*",
              "matchCriteriaId": "BBC724E8-195B-4CB4-AC2A-63E184AED4F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r12.2:*:*:*:*:*:*",
              "matchCriteriaId": "7162C24D-D181-49CC-B8C2-9EE3E0CDF846",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r13:*:*:*:*:*:*",
              "matchCriteriaId": "65435A96-EF7A-439A-AA6C-CB7EAEF0A963",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r13.1:*:*:*:*:*:*",
              "matchCriteriaId": "3027A9CE-849E-4CAE-A1C4-170DEAF4FE86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r14:*:*:*:*:*:*",
              "matchCriteriaId": "C132BA26-BCA0-43E6-9511-34ACFFA136A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r14.4:*:*:*:*:*:*",
              "matchCriteriaId": "06520C75-9326-4C21-8AD6-6DE1ED031959",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r15:*:*:*:*:*:*",
              "matchCriteriaId": "CE228FBD-5AD1-4BC6-AF63-5248E671B04F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r15.2:*:*:*:*:*:*",
              "matchCriteriaId": "D7DBCD6B-B7AA-4AB0-852F-563A2EC85DB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r16:*:*:*:*:*:*",
              "matchCriteriaId": "44C26423-8621-4F6D-A45B-0A6B6E873AB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r16.1:*:*:*:*:*:*",
              "matchCriteriaId": "BC391EB5-C457-459C-8EAA-EA0043487C0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r17:*:*:*:*:*:*",
              "matchCriteriaId": "DB6CEA16-F422-48F1-9473-3931B1BFA63F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r17.1:*:*:*:*:*:*",
              "matchCriteriaId": "E238AB9F-99C1-4F0D-B442-D390065D35D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r17.2:*:*:*:*:*:*",
              "matchCriteriaId": "8971445A-D65F-4C0E-906F-7AC4953C5689",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r18:*:*:*:*:*:*",
              "matchCriteriaId": "28FDE909-711C-41EC-8BA6-AC4DE05EA27E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r18.1:*:*:*:*:*:*",
              "matchCriteriaId": "080CD832-3324-4158-A4CD-3A2E49B7BC74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r18.2:*:*:*:*:*:*",
              "matchCriteriaId": "DB2B8165-E9D4-4549-B16E-A62810BDAF8D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r18.3:*:*:*:*:*:*",
              "matchCriteriaId": "014C7627-F211-48B1-80FA-3A7F608B4F23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r18.7:*:*:*:*:*:*",
              "matchCriteriaId": "A5592C84-538C-47AB-8042-09B42D89BB0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r18.8:*:*:*:*:*:*",
              "matchCriteriaId": "7DC6A046-F81C-4CBA-B06E-081AA550C91C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "4FEFC4B1-7350-46F9-80C1-42F5AE06142F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r2.0:*:*:*:*:*:*",
              "matchCriteriaId": "4E2D041D-9BDD-416D-B658-1C517C854104",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "DB7A6D62-6576-4713-9BF4-11068A72E8B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r3.0:*:*:*:*:*:*",
              "matchCriteriaId": "7155EB34-E8E0-49AF-BDA2-FB4BFA44662E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "843BC1B9-50CC-4F8F-A454-A0CEC6E92290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.0:*:*:*:*:*:*",
              "matchCriteriaId": "25EE614A-5F32-4CA9-998A-4FAF16DC100C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "D5355372-03EA-46D7-9104-A2785C29B664",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.2:*:*:*:*:*:*",
              "matchCriteriaId": "3DE32A0C-8944-4F51-A286-266055CA4B2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:*",
              "matchCriteriaId": "0349A0CC-A372-4E51-899E-D7BA67876F4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "93D1A098-BD77-4A7B-9070-A764FB435981",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r5.0:*:*:*:*:*:*",
              "matchCriteriaId": "F49EE829-A2CD-491E-BFC3-7888491D7C58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "3CCC2D7B-F835-45EC-A316-2F0C5F2CF565",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r6.0:*:*:*:*:*:*",
              "matchCriteriaId": "2254DDF1-7FF3-49E1-8826-91F49A6794F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AD812596-C77C-4129-982F-C22A25B52126",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r7.0:*:*:*:*:*:*",
              "matchCriteriaId": "B8EA4DA8-CD09-41AC-ADCB-27CF771C016B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8:*:*:*:*:*:*",
              "matchCriteriaId": "9FA0B20D-3FA1-42AE-BDC5-93D8A182927C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8.0:*:*:*:*:*:*",
              "matchCriteriaId": "4D6CECCB-18BA-4219-95A2-2525A2BDCE36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8.1:*:*:*:*:*:*",
              "matchCriteriaId": "BFFA0B02-7F6D-4434-B1E7-EB8520FD68A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8.2:*:*:*:*:*:*",
              "matchCriteriaId": "DFE8FA87-9622-4D5B-99C7-D8EE230C0AA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8.4:*:*:*:*:*:*",
              "matchCriteriaId": "07AB853D-5A3F-4142-8417-1C9FB729A89E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r9:*:*:*:*:*:*",
              "matchCriteriaId": "16DAA769-8F0D-4C54-A8D9-9902995605B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r9.0:*:*:*:*:*:*",
              "matchCriteriaId": "B7006C07-0E3F-4890-A1B3-533E10924D49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r9.1:*:*:*:*:*:*",
              "matchCriteriaId": "B2C10C89-1DBC-4E91-BD28-D5097B589CA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r9.2:*:*:*:*:*:*",
              "matchCriteriaId": "F54753D0-6275-4F82-B874-55438D2983B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "F788F6D9-5368-4B8E-BFA0-E8FB3CDADB01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "2927A40D-E8A3-4DB6-9C93-04A6C6035C3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "1399BBB4-E62B-4FF6-B9E3-6AAC68D4D583",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "1EAD1423-4477-4C35-BF93-697A2C0697C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.3:*:*:*:*:*:*",
              "matchCriteriaId": "858353BC-12CB-4014-BFCA-DA7B1B3DD4B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.4:*:*:*:*:*:*",
              "matchCriteriaId": "865F72BF-57B2-4B0C-BACE-3500E0AE6751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.5:*:*:*:*:*:*",
              "matchCriteriaId": "39E11407-E0C0-454F-B731-7DA4CBC696EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:*",
              "matchCriteriaId": "247E71F8-A03B-4097-B7BF-09F8BF3ED4D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "E0059C69-4A18-4153-9D9A-5C1B03AD1453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.2:*:*:*:*:*:*",
              "matchCriteriaId": "FC523C88-115E-4CD9-A8CB-AE6E6610F7D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAD0FC91-CA1E-4DC3-A37E-1BF98906D07C",
              "versionEndExcluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "1F22B988-2585-4853-9838-AB3746C8B888",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "FD9BE8C2-43EB-4870-A4B7-267CB17A19F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "C8915BB2-C1C0-4189-A847-DDB2EF161D62",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A use-after-free in Ivanti Connect Secure before version 22.7R2.3 and 9.1R18.9\n\n and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker to achieve remote code execution"
    },
    {
      "lang": "es",
      "value": "Use-after-free en Ivanti Connect Secure anterior a la versi\u00f3n 22.7R2.3 y en Ivanti Policy Secure anterior a la versi\u00f3n 22.7R1.2 permite que un atacante remoto autenticado logre la ejecuci\u00f3n remota de c\u00f3digo."
    }
  ],
  "id": "CVE-2024-9420",
  "lastModified": "2025-03-13T16:15:25.893",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-11-12T16:15:26.760",
  "references": [
    {
      "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
    }
  ],
  "sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-416"
        }
      ],
      "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-416"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-416"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2019-04-26 02:29

Modified

2025-04-03 19:50

Severity ?

7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.2RX before 8.2R12.1, and 8.1RX before 8.1R15.1 and Pulse Policy Secure version 9.0RX before 9.0R3.2, 5.4RX before 5.4R7.1, 5.3RX before 5.3R12.1, 5.2RX before 5.2R12.1, and 5.1RX before 5.1R15.1, the admin web interface allows an authenticated attacker to inject and execute commands.

References

URL	Tags
cve@mitre.org	http://packetstormsecurity.com/files/154376/Pulse-Secure-8.1R15.1-8.2-8.3-9.0-SSL-VPN-Remote-Code-Execution.html	Third Party Advisory, VDB Entry
cve@mitre.org	http://packetstormsecurity.com/files/155277/Pulse-Secure-VPN-Arbitrary-Command-Execution.html	Third Party Advisory, VDB Entry
cve@mitre.org	http://packetstormsecurity.com/files/162092/Pulse-Secure-VPN-Arbitrary-Command-Execution.html	Third Party Advisory, VDB Entry, Broken Link
cve@mitre.org	http://www.securityfocus.com/bid/108073	Third Party Advisory, VDB Entry, Broken Link
cve@mitre.org	https://devco.re/blog/2019/09/02/attacking-ssl-vpn-part-3-the-golden-Pulse-Secure-ssl-vpn-rce-chain-with-Twitter-as-case-study/	Exploit, Third Party Advisory
cve@mitre.org	https://i.blackhat.com/USA-19/Wednesday/us-19-Tsai-Infiltrating-Corporate-Intranet-Like-NSA.pdf	Exploit, Third Party Advisory
cve@mitre.org	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101	Third Party Advisory, Vendor Advisory
cve@mitre.org	https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0010	Third Party Advisory
cve@mitre.org	https://www.kb.cert.org/vuls/id/927237	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/154376/Pulse-Secure-8.1R15.1-8.2-8.3-9.0-SSL-VPN-Remote-Code-Execution.html	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/155277/Pulse-Secure-VPN-Arbitrary-Command-Execution.html	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/162092/Pulse-Secure-VPN-Arbitrary-Command-Execution.html	Third Party Advisory, VDB Entry, Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/108073	Third Party Advisory, VDB Entry, Broken Link
af854a3a-2127-422b-91ae-364da2661108	https://devco.re/blog/2019/09/02/attacking-ssl-vpn-part-3-the-golden-Pulse-Secure-ssl-vpn-rce-chain-with-Twitter-as-case-study/	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://i.blackhat.com/USA-19/Wednesday/us-19-Tsai-Infiltrating-Corporate-Intranet-Like-NSA.pdf	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101	Third Party Advisory, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0010	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.kb.cert.org/vuls/id/927237	Third Party Advisory, US Government Resource

Impacted products

Vendor	Product	Version
ivanti	connect_secure	8.1
ivanti	connect_secure	8.1
ivanti	connect_secure	8.1
ivanti	connect_secure	8.1
ivanti	connect_secure	8.1
ivanti	connect_secure	8.1
ivanti	connect_secure	8.1
ivanti	connect_secure	8.1
ivanti	connect_secure	8.1
ivanti	connect_secure	8.1
ivanti	connect_secure	8.1
ivanti	connect_secure	8.1
ivanti	connect_secure	8.1
ivanti	connect_secure	8.1
ivanti	connect_secure	8.1
ivanti	connect_secure	8.1
ivanti	connect_secure	8.1
ivanti	connect_secure	8.1
ivanti	connect_secure	8.1
ivanti	connect_secure	8.1
ivanti	connect_secure	8.1
ivanti	connect_secure	8.1
ivanti	connect_secure	8.1
ivanti	connect_secure	8.1
ivanti	connect_secure	8.1
ivanti	connect_secure	8.2
ivanti	connect_secure	8.2
ivanti	connect_secure	8.2
ivanti	connect_secure	8.2
ivanti	connect_secure	8.2
ivanti	connect_secure	8.2
ivanti	connect_secure	8.2
ivanti	connect_secure	8.2
ivanti	connect_secure	8.2
ivanti	connect_secure	8.2
ivanti	connect_secure	8.2
ivanti	connect_secure	8.2
ivanti	connect_secure	8.2
ivanti	connect_secure	8.2
ivanti	connect_secure	8.2
ivanti	connect_secure	8.2
ivanti	connect_secure	8.2
ivanti	connect_secure	8.2
ivanti	connect_secure	8.2
ivanti	connect_secure	8.2
ivanti	connect_secure	8.2
ivanti	connect_secure	8.2
ivanti	connect_secure	8.3
ivanti	connect_secure	8.3
ivanti	connect_secure	8.3
ivanti	connect_secure	8.3
ivanti	connect_secure	8.3
ivanti	connect_secure	8.3
ivanti	connect_secure	8.3
ivanti	connect_secure	8.3
ivanti	connect_secure	8.3
ivanti	connect_secure	8.3
ivanti	connect_secure	8.3
ivanti	connect_secure	8.3
ivanti	connect_secure	8.3
ivanti	connect_secure	9.0
ivanti	connect_secure	9.0
ivanti	connect_secure	9.0
ivanti	connect_secure	9.0
ivanti	connect_secure	9.0
ivanti	connect_secure	9.0
ivanti	connect_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
pulsesecure	pulse_policy_secure	5.1r1.0
pulsesecure	pulse_policy_secure	5.1r1.1
pulsesecure	pulse_policy_secure	5.1r2.0
pulsesecure	pulse_policy_secure	5.1r2.1
pulsesecure	pulse_policy_secure	5.1r3.0
pulsesecure	pulse_policy_secure	5.1r3.2
pulsesecure	pulse_policy_secure	5.1r4.0
pulsesecure	pulse_policy_secure	5.1r5.0
pulsesecure	pulse_policy_secure	5.1r6.0
pulsesecure	pulse_policy_secure	5.1r7.0
pulsesecure	pulse_policy_secure	5.1r8.0
pulsesecure	pulse_policy_secure	5.1r9.0
pulsesecure	pulse_policy_secure	5.1r9.1
pulsesecure	pulse_policy_secure	5.1r10.0
pulsesecure	pulse_policy_secure	5.1r11.0
pulsesecure	pulse_policy_secure	5.1r11.1
pulsesecure	pulse_policy_secure	5.1r12.0
pulsesecure	pulse_policy_secure	5.1r12.1
pulsesecure	pulse_policy_secure	5.1r13.0
pulsesecure	pulse_policy_secure	5.1r14.0
pulsesecure	pulse_policy_secure	5.2r1.0
pulsesecure	pulse_policy_secure	5.2r2.0
pulsesecure	pulse_policy_secure	5.2r3.0
pulsesecure	pulse_policy_secure	5.2r3.2
pulsesecure	pulse_policy_secure	5.2r4.0
pulsesecure	pulse_policy_secure	5.2r5.0
pulsesecure	pulse_policy_secure	5.2r6.0
pulsesecure	pulse_policy_secure	5.2r7.0
pulsesecure	pulse_policy_secure	5.2r7.1
pulsesecure	pulse_policy_secure	5.2r8.0
pulsesecure	pulse_policy_secure	5.2r9.0
pulsesecure	pulse_policy_secure	5.2r9.1
pulsesecure	pulse_policy_secure	5.2r10.0
pulsesecure	pulse_policy_secure	5.2r11.0
pulsesecure	pulse_policy_secure	5.2rx
pulsesecure	pulse_policy_secure	5.3r1.0
pulsesecure	pulse_policy_secure	5.3r1.1
pulsesecure	pulse_policy_secure	5.3r2.0
pulsesecure	pulse_policy_secure	5.3r3.0
pulsesecure	pulse_policy_secure	5.3r3.1
pulsesecure	pulse_policy_secure	5.3r4.0
pulsesecure	pulse_policy_secure	5.3r4.1
pulsesecure	pulse_policy_secure	5.3r5.0
pulsesecure	pulse_policy_secure	5.3r5.1
pulsesecure	pulse_policy_secure	5.3r5.2
pulsesecure	pulse_policy_secure	5.3r6.0
pulsesecure	pulse_policy_secure	5.3r7.0
pulsesecure	pulse_policy_secure	5.3r8.0
pulsesecure	pulse_policy_secure	5.3r8.1
pulsesecure	pulse_policy_secure	5.3r8.2
pulsesecure	pulse_policy_secure	5.3r9.0
pulsesecure	pulse_policy_secure	5.3r10.
pulsesecure	pulse_policy_secure	5.3r11.0
pulsesecure	pulse_policy_secure	5.3r12.0
pulsesecure	pulse_policy_secure	5.3rx
pulsesecure	pulse_policy_secure	5.4r1
pulsesecure	pulse_policy_secure	5.4r2
pulsesecure	pulse_policy_secure	5.4r2.1
pulsesecure	pulse_policy_secure	5.4r3
pulsesecure	pulse_policy_secure	5.4r4
pulsesecure	pulse_policy_secure	5.4r5
pulsesecure	pulse_policy_secure	5.4r5.2
pulsesecure	pulse_policy_secure	5.4r6
pulsesecure	pulse_policy_secure	5.4r6.1
pulsesecure	pulse_policy_secure	5.4r7
pulsesecure	pulse_policy_secure	5.4rx

To clipboard

{
  "cisaActionDue": "2022-05-03",
  "cisaExploitAdd": "2021-11-03",
  "cisaRequiredAction": "Apply updates per vendor instructions.",
  "cisaVulnerabilityName": "Ivanti Pulse Connect Secure and Policy Secure Command Injection Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "CA1B64EC-AD68-4F55-9CA2-4A1841764CF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:r1.0:*:*:*:*:*:*",
              "matchCriteriaId": "9BF1434F-BC2F-4C63-B3CB-BBC14F95E0EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "5EF31B2A-7DEE-4C69-ADE5-FFBF176D8DCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:r10.0:*:*:*:*:*:*",
              "matchCriteriaId": "AFC39A4D-7738-4818-9866-A34C55216401",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:r11.0:*:*:*:*:*:*",
              "matchCriteriaId": "91B0F725-70CD-4CF4-AF35-4DEB24F7E3E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:r11.1:*:*:*:*:*:*",
              "matchCriteriaId": "E6FA7630-082B-4F48-BE53-981052FB7268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:r12.0:*:*:*:*:*:*",
              "matchCriteriaId": "46F9CEBB-08AD-42DD-8CEE-6F1C555D1608",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:r12.1:*:*:*:*:*:*",
              "matchCriteriaId": "BF7844C4-7A48-49D1-A924-2C546E9C6BB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:r13.0:*:*:*:*:*:*",
              "matchCriteriaId": "91884BC5-280F-4E39-88E0-E7C4F6519D71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:r14.0:*:*:*:*:*:*",
              "matchCriteriaId": "3E3F03F7-A3CE-4E98-95A7-43906FFE7959",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:r2.0:*:*:*:*:*:*",
              "matchCriteriaId": "D56B8268-81D1-4CC0-A115-0CDFE8ACD59D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "B10E91CD-0FCC-4DEF-8043-38819C597934",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:r3.0:*:*:*:*:*:*",
              "matchCriteriaId": "90781AFB-D463-40F4-9A74-8F0256ACE64F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:r3.1:*:*:*:*:*:*",
              "matchCriteriaId": "9D3965E4-51E0-4F15-B03B-7342EA6BCA63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:r3.2:*:*:*:*:*:*",
              "matchCriteriaId": "2636BBD1-D46F-4EA2-A460-A343443F838A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:r4.0:*:*:*:*:*:*",
              "matchCriteriaId": "ECFA01A7-6AB6-4E6B-82E3-30CE8C776960",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "069B315B-FF97-4F3C-A1AB-831E6CD5F94C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:r5.0:*:*:*:*:*:*",
              "matchCriteriaId": "84418011-9D3F-4C72-B911-A6E4CEA171F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:r6.0:*:*:*:*:*:*",
              "matchCriteriaId": "A7D488D9-6AC7-4DE4-9D65-A8E2D287DCB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "EA6054EC-A05F-46B4-9056-5719B2DB7EFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:r7.0:*:*:*:*:*:*",
              "matchCriteriaId": "B3A09079-5587-4FB1-9EC2-F6E44D523CB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:r8.0:*:*:*:*:*:*",
              "matchCriteriaId": "8FB98CD3-E968-4336-81BD-0132DBD7462C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:r9.0:*:*:*:*:*:*",
              "matchCriteriaId": "C5465537-625D-4A9D-8787-FF4744681BA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:r9.1:*:*:*:*:*:*",
              "matchCriteriaId": "96A2E24D-5EE5-46CF-AAA0-8474C4F641F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:r9.2:*:*:*:*:*:*",
              "matchCriteriaId": "1243FDDA-6D64-408E-8911-FA1D37A915ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2BCE3E8-ED64-4CCD-9A3F-3D99476B81E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.2:r1:*:*:*:*:*:*",
              "matchCriteriaId": "5F134803-A479-4DBE-B3D4-3A5D121E185F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.2:r1.0:*:*:*:*:*:*",
              "matchCriteriaId": "48B04626-10A7-4A12-AF3D-61C8D980AA21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.2:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "183E1DD7-EE4B-47C4-99E2-CD06ED2E0D4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.2:r10.0:*:*:*:*:*:*",
              "matchCriteriaId": "00F4DF7B-ED7F-46FC-8B12-5527FB5A4305",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.2:r11.0:*:*:*:*:*:*",
              "matchCriteriaId": "4A5AF6A0-6613-4B15-A1A3-AEAC0EF7E374",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.2:r12.0:*:*:*:*:*:*",
              "matchCriteriaId": "970C2BEE-5798-4A5F-8D4E-7970BFCF0CD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.2:r2.0:*:*:*:*:*:*",
              "matchCriteriaId": "1D187DDB-96C8-4435-992E-CFEEE24BC7C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.2:r3.0:*:*:*:*:*:*",
              "matchCriteriaId": "1CA6CBE1-CF6C-4D8C-BAB3-0B78E56E85DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.2:r3.1:*:*:*:*:*:*",
              "matchCriteriaId": "761102E8-04DB-465A-A592-98C5F5E0ADFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.2:r4.0:*:*:*:*:*:*",
              "matchCriteriaId": "3F7455AD-E662-4817-A343-9ACCE763B78E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.2:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "A1F61A93-6E90-4063-BFCA-166DA0DDCE38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.2:r5.0:*:*:*:*:*:*",
              "matchCriteriaId": "B5BF94C4-0456-4CB1-9CC5-02A316C84E09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.2:r5.1:*:*:*:*:*:*",
              "matchCriteriaId": "35F94103-0DB3-4D3A-8247-59E1F86743B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.2:r6.0:*:*:*:*:*:*",
              "matchCriteriaId": "784ADC67-57BF-4FFA-AC13-5F2F1208F39D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.2:r7.0:*:*:*:*:*:*",
              "matchCriteriaId": "E6D81535-5163-4DAD-8AAA-61F107E11EB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.2:r7.1:*:*:*:*:*:*",
              "matchCriteriaId": "DCF535C6-97A2-4222-9BF4-A7D16E5598FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.2:r7.2:*:*:*:*:*:*",
              "matchCriteriaId": "40209543-6A6C-4811-834F-1CBF0C13A7E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.2:r8.0:*:*:*:*:*:*",
              "matchCriteriaId": "2B3806F4-53E6-47B2-9D16-69B566DAAD97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.2:r8.1:*:*:*:*:*:*",
              "matchCriteriaId": "A37BEF28-D0D5-46BD-A460-32734D0D63B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.2:r8.2:*:*:*:*:*:*",
              "matchCriteriaId": "363C9E09-EC06-4A34-8C25-97DCCAA992E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.2:r9.0:*:*:*:*:*:*",
              "matchCriteriaId": "3AB170D9-42AF-417B-8EF8-2895F54D0AEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.3:-:*:*:*:*:*:*",
              "matchCriteriaId": "26EF79B8-9D5D-4C00-B42A-B58BB6EDA452",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.3:r1:*:*:*:*:*:*",
              "matchCriteriaId": "2871AAD9-FC12-4E2D-B722-0F721D7FE101",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.3:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "C52DE60A-0B74-406C-B962-313E37806E89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.3:r2:*:*:*:*:*:*",
              "matchCriteriaId": "2A319BAB-F483-4926-9700-760D8025F747",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.3:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "AA6BD7FD-29A3-468C-8A85-63202EB1B625",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.3:r3:*:*:*:*:*:*",
              "matchCriteriaId": "00AA23DF-CA30-41FC-9563-C95BA7D31129",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.3:r4:*:*:*:*:*:*",
              "matchCriteriaId": "D85A6292-EE41-487C-A1DC-0E8E443A8075",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.3:r5:*:*:*:*:*:*",
              "matchCriteriaId": "2D829F28-4FFF-40C9-AF62-455BA5BB4E58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.3:r5.1:*:*:*:*:*:*",
              "matchCriteriaId": "8DC693D8-D12B-4A0B-808A-A0808BAA33DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.3:r5.2:*:*:*:*:*:*",
              "matchCriteriaId": "3837BB6E-5236-4B2D-9693-4DE85C7845C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.3:r6:*:*:*:*:*:*",
              "matchCriteriaId": "72430B2F-A311-4DF7-ABBB-1EE0BAF507FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.3:r6.1:*:*:*:*:*:*",
              "matchCriteriaId": "B7FCDCCF-8509-431A-B450-B18C110AAE19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:8.3:r7:*:*:*:*:*:*",
              "matchCriteriaId": "718B6320-E7BE-4715-A446-541D1AADA027",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r1:*:*:*:*:*:*",
              "matchCriteriaId": "D47D09A8-4AC4-4CD9-B648-5F26453E2E1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r2:*:*:*:*:*:*",
              "matchCriteriaId": "59331DC5-FF5F-4BB3-905E-5A4A621F86ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "6A708C3F-9050-4475-95B3-4785D3E2CB69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r3:*:*:*:*:*:*",
              "matchCriteriaId": "52851AAA-88FB-40BC-B41A-B821F6BA9F79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r3.1:*:*:*:*:*:*",
              "matchCriteriaId": "F05DC11E-7C41-450B-A2BF-603E9252BB40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r3.2:*:*:*:*:*:*",
              "matchCriteriaId": "5DA976D9-A330-475E-B8C0-09EF3E08F18D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r3.3:*:*:*:*:*:*",
              "matchCriteriaId": "59F4A6F7-A6D4-4517-A316-7C7C002A9ED3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r1:*:*:*:*:*:*",
              "matchCriteriaId": "26B25B34-7BD0-471B-A396-45CE5420E963",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r2:*:*:*:*:*:*",
              "matchCriteriaId": "AA514C05-2834-4C7B-B022-02B41C9AAD6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "0929C645-DACB-4341-9032-7C79FFC8BCF0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r3:*:*:*:*:*:*",
              "matchCriteriaId": "0D36CB5A-8389-4F2F-882A-4E8F30028799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r3.1:*:*:*:*:*:*",
              "matchCriteriaId": "517DA74B-9D69-45E1-A707-A08A305A507C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.1r1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45491FB0-2EDC-4B62-838F-A8CB2E92F4FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.1r1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F62EC1F3-10DC-4387-B4DA-8EA8086EA390",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.1r2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "75A2801C-029F-469C-9492-9AB0535B1F6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.1r2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "219B113E-88AB-4250-81BB-3735A49A09C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.1r3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "84885E71-5C0D-4869-97A5-B8F955FBE728",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.1r3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8F5AB09-D5D3-4499-BDE8-6471F827D825",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.1r4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "09FF5E94-07F5-416C-976F-4FF22141A145",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.1r5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E77318F9-AA30-4010-A351-98A3942DA8DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.1r6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D328C58-51A0-4A62-8CFC-BAA5A9D8EDF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.1r7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3015D79-3AD8-4EBE-A236-6ADEC2AA4B6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.1r8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8BFFFF2-BA60-483A-BD7E-041EDD1932E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.1r9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D04A72C3-2735-4F83-8F91-82405C16FE40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.1r9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A100AF1-A8A7-4E0A-9D29-E00C56C0AAFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.1r10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "596A0CEE-44FD-4A03-8386-750D0E4947D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.1r11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEDA32E5-A047-49FD-A52C-FDA132881337",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.1r11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "65900FCC-9DD2-4606-B125-451946734453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.1r12.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB8051E3-A7F0-4E17-AB73-E4F1DBD6FB78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.1r12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A3DEE0B-048F-4FE8-A508-043D87F54611",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.1r13.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "262F4B72-D73E-41B4-B62A-39AD505412D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.1r14.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DF64796-2698-48EF-AF93-86F070967C98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2r1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A42EFC8-C5FF-4397-87CF-263813FAA5D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2r2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C952B5B8-DCAB-476A-9E60-3F1BBE509F21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2r3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F199F01-9EEA-4184-AD99-6B21110484AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2r3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9938EBCC-B9B7-4FB1-9ACB-9BED485AB5E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2r4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B4A309B-ACB0-4053-909A-6889129EB2C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2r5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8A4A105-EBF3-4895-9ABE-50972DD232F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2r6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4013CA1C-48F0-46F6-B327-E6B34311A7EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2r7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "112B9736-336D-4C72-A960-0B33DD3439EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2r7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "49FA8DC5-900B-4A53-AF55-410A7FF901E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2r8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4946BBE-E449-4F89-910C-3389BDF36071",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2r9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FDBD7BC-C9A7-48C2-B3BC-8E2C90F54268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2r9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4B56D6E-2429-4511-8FE6-A9BE1226F031",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2r10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "17BD737E-F387-4239-B3C6-E4B71EB13995",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2r11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFC6D632-9B03-4CFF-85D8-B4127257A47E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2rx:*:*:*:*:*:*:*",
              "matchCriteriaId": "C766CBF4-502C-4522-845C-A5436DD1960D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.3r1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "94170224-C78B-458A-B63E-53E303B0DCE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.3r1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "17449ADA-D4CC-4A23-9699-2D3E695C519A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.3r2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "44B21A8C-F09F-4286-8E32-C10E474C8D3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.3r3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8654C226-F77A-464D-9AD1-010DC11F8C46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.3r3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "70F3AFCF-8723-4F80-89A2-BC9D62CE920E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.3r4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "545F18AB-635E-47C0-ACFE-8B2A849253FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.3r4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "52DD6EDE-5CF1-4BD9-93B7-8100ED9DDC3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.3r5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D74E173-3599-4A32-BE9A-482998800122",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.3r5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "116DD35E-B83E-4865-8B54-E5C68D148187",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.3r5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D02A7DF-69CE-426B-8153-3BA404B4AC64",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.3r6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA199898-3820-4B6C-ADF6-9EA0E8238200",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.3r7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A37EBB8A-48E0-4092-A5E4-ABA0C02934AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.3r8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EAEBC16-AA55-4145-8FD4-84217DE4CB6D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.3r8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF3A87EB-CEF3-4CE3-A258-EE95560D46F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.3r8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B273CCA-CFA6-4A73-99D1-44A51ADBAF00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.3r9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5E92137-41D4-4350-AD8D-B2F36FBA5B41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.3r10.:*:*:*:*:*:*:*",
              "matchCriteriaId": "18E78ACD-828A-421D-88B7-C08079CD39A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.3r11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "60129D21-0A5D-44B6-A9F0-C97E3327C58D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.3r12.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13477A91-0880-4CDA-A932-12912909E1AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.3rx:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E78343D-6F53-44C0-8C45-694E6D03DB95",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.4r1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7F2FFEC-F243-4D85-888E-339C60B3C0CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.4r2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A841849-DA0E-4BAA-8807-F42481C9457D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.4r2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EC5A497-1FA2-4AE4-A611-553129B9F78C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.4r3:*:*:*:*:*:*:*",
              "matchCriteriaId": "479B25A4-59AA-4FA4-B1CC-E06781D00962",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.4r4:*:*:*:*:*:*:*",
              "matchCriteriaId": "91C0556B-2420-46F2-A08E-EC83DA514A69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.4r5:*:*:*:*:*:*:*",
              "matchCriteriaId": "479C0704-9FE5-42D6-8968-780391708F44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.4r5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABE3B07D-879B-4AF2-9AA7-D9F64A577373",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.4r6:*:*:*:*:*:*:*",
              "matchCriteriaId": "497631E3-0E1F-4267-8ADA-7697FF0BF7EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.4r6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FF444E5-2EEA-4223-85E1-B2EA6D0543E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.4r7:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DA2AD75-A6DD-48D0-83E7-A5F00F31C010",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.4rx:*:*:*:*:*:*:*",
              "matchCriteriaId": "07A6F2EF-09AF-4DAA-A552-6111C51DD210",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.2RX before 8.2R12.1, and 8.1RX before 8.1R15.1 and Pulse Policy Secure version 9.0RX before 9.0R3.2, 5.4RX before 5.4R7.1, 5.3RX before 5.3R12.1, 5.2RX before 5.2R12.1, and 5.1RX before 5.1R15.1, the admin web interface allows an authenticated attacker to inject and execute commands."
    },
    {
      "lang": "es",
      "value": "En Pulse Secure Pulse Connect Secure versiones 9.0RX anteriores a 9.0R3.4, versiones 8.3RX anteriores a 8.3R7.1, versiones 8.2RX anteriores a 8.2R12.1, y versiones 8.1RX anteriores a 8.1R15.1; Pulse Policy Secure versiones 9.0RX anteriores a 9.0R3.2, versiones 5.4RX anteriores a 5.4R7.1, versiones 5.3RX anteriores a 5.3R12.1, versiones 5.2RX anteriores a 5.2R12.1, y versiones 5.1RX anteriores a 5.1R15.1, la interfaz web de administraci\u00f3n permite a un atacante autenticado inyectar y ejecutar comandos."
    }
  ],
  "id": "CVE-2019-11539",
  "lastModified": "2025-04-03T19:50:18.047",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.0,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.3,
        "impactScore": 6.0,
        "source": "cve@mitre.org",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-04-26T02:29:00.300",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/154376/Pulse-Secure-8.1R15.1-8.2-8.3-9.0-SSL-VPN-Remote-Code-Execution.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/155277/Pulse-Secure-VPN-Arbitrary-Command-Execution.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry",
        "Broken Link"
      ],
      "url": "http://packetstormsecurity.com/files/162092/Pulse-Secure-VPN-Arbitrary-Command-Execution.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry",
        "Broken Link"
      ],
      "url": "http://www.securityfocus.com/bid/108073"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://devco.re/blog/2019/09/02/attacking-ssl-vpn-part-3-the-golden-Pulse-Secure-ssl-vpn-rce-chain-with-Twitter-as-case-study/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://i.blackhat.com/USA-19/Wednesday/us-19-Tsai-Infiltrating-Corporate-Intranet-Like-NSA.pdf"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "Vendor Advisory"
      ],
      "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0010"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.kb.cert.org/vuls/id/927237"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/154376/Pulse-Secure-8.1R15.1-8.2-8.3-9.0-SSL-VPN-Remote-Code-Execution.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/155277/Pulse-Secure-VPN-Arbitrary-Command-Execution.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry",
        "Broken Link"
      ],
      "url": "http://packetstormsecurity.com/files/162092/Pulse-Secure-VPN-Arbitrary-Command-Execution.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry",
        "Broken Link"
      ],
      "url": "http://www.securityfocus.com/bid/108073"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://devco.re/blog/2019/09/02/attacking-ssl-vpn-part-3-the-golden-Pulse-Secure-ssl-vpn-rce-chain-with-Twitter-as-case-study/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://i.blackhat.com/USA-19/Wednesday/us-19-Tsai-Infiltrating-Corporate-Intranet-Like-NSA.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "Vendor Advisory"
      ],
      "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0010"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.kb.cert.org/vuls/id/927237"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2025-02-11 16:15

Modified

2025-02-13 17:09

Severity ?

6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Summary

Reflected XSS in Ivanti Connect Secure before version 22.7R2.6 and Ivanti Policy Secure before version 22.7R1.3 allows a remote unauthenticated attacker to obtain admin privileges. User interaction is required.

References

▶	URL	Tags
	3c1d8aa1-5a33-4ea4-8992-aadd6440af75	https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	*
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	policy_secure	*
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "201EB882-0B2A-47DB-B517-1E72A0542B27",
              "versionEndExcluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "F788F6D9-5368-4B8E-BFA0-E8FB3CDADB01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "2927A40D-E8A3-4DB6-9C93-04A6C6035C3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "1399BBB4-E62B-4FF6-B9E3-6AAC68D4D583",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "1EAD1423-4477-4C35-BF93-697A2C0697C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.3:*:*:*:*:*:*",
              "matchCriteriaId": "858353BC-12CB-4014-BFCA-DA7B1B3DD4B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.4:*:*:*:*:*:*",
              "matchCriteriaId": "865F72BF-57B2-4B0C-BACE-3500E0AE6751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.5:*:*:*:*:*:*",
              "matchCriteriaId": "39E11407-E0C0-454F-B731-7DA4CBC696EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:*",
              "matchCriteriaId": "247E71F8-A03B-4097-B7BF-09F8BF3ED4D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "E0059C69-4A18-4153-9D9A-5C1B03AD1453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.2:*:*:*:*:*:*",
              "matchCriteriaId": "FC523C88-115E-4CD9-A8CB-AE6E6610F7D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.3:*:*:*:*:*:*",
              "matchCriteriaId": "3447428E-DBCD-4553-B51D-AC08ECAFD881",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.4:*:*:*:*:*:*",
              "matchCriteriaId": "A08BAF98-7F05-4596-8BFC-91F1A79D3BD1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.5:*:*:*:*:*:*",
              "matchCriteriaId": "40717D97-A062-49C4-B105-C22AAC3A206A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAD0FC91-CA1E-4DC3-A37E-1BF98906D07C",
              "versionEndExcluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "1F22B988-2585-4853-9838-AB3746C8B888",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "FD9BE8C2-43EB-4870-A4B7-267CB17A19F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "C8915BB2-C1C0-4189-A847-DDB2EF161D62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "8D24A8DB-D697-4C60-935D-B08EE36861CB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Reflected XSS in Ivanti Connect Secure before version 22.7R2.6 and Ivanti Policy Secure before version 22.7R1.3 allows a remote unauthenticated attacker to obtain admin privileges. User interaction is required."
    },
    {
      "lang": "es",
      "value": "El XSS reflejado en Ivanti Connect Secure anterior a la versi\u00f3n 22.7R2.6 y en Ivanti Policy Secure anterior a la versi\u00f3n 22.7R1.3 permite que un atacante remoto no autenticado obtenga privilegios de administrador. Se requiere la interacci\u00f3n del usuario."
    }
  ],
  "id": "CVE-2024-13830",
  "lastModified": "2025-02-13T17:09:11.660",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-02-11T16:15:39.363",
  "references": [
    {
      "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
    }
  ],
  "sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-11-13 02:15

Modified

2025-06-27 18:42

Severity ?

9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Summary

Argument injection in Ivanti Connect Secure before version 22.7R2.2 and 9.1R18.9 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to achieve remote code execution.

References

▶	URL	Tags
	support@hackerone.com	https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	*
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	policy_secure	*
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "201EB882-0B2A-47DB-B517-1E72A0542B27",
              "versionEndExcluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "F788F6D9-5368-4B8E-BFA0-E8FB3CDADB01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "2927A40D-E8A3-4DB6-9C93-04A6C6035C3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "1399BBB4-E62B-4FF6-B9E3-6AAC68D4D583",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "1EAD1423-4477-4C35-BF93-697A2C0697C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.3:*:*:*:*:*:*",
              "matchCriteriaId": "858353BC-12CB-4014-BFCA-DA7B1B3DD4B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.4:*:*:*:*:*:*",
              "matchCriteriaId": "865F72BF-57B2-4B0C-BACE-3500E0AE6751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.5:*:*:*:*:*:*",
              "matchCriteriaId": "39E11407-E0C0-454F-B731-7DA4CBC696EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:*",
              "matchCriteriaId": "247E71F8-A03B-4097-B7BF-09F8BF3ED4D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "E0059C69-4A18-4153-9D9A-5C1B03AD1453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.2:*:*:*:*:*:*",
              "matchCriteriaId": "FC523C88-115E-4CD9-A8CB-AE6E6610F7D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAD0FC91-CA1E-4DC3-A37E-1BF98906D07C",
              "versionEndExcluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "1F22B988-2585-4853-9838-AB3746C8B888",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "FD9BE8C2-43EB-4870-A4B7-267CB17A19F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "C8915BB2-C1C0-4189-A847-DDB2EF161D62",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Argument injection in Ivanti Connect Secure before version 22.7R2.2 and 9.1R18.9 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to achieve remote code execution."
    },
    {
      "lang": "es",
      "value": "La inyecci\u00f3n de argumentos en Ivanti Connect Secure anterior a la versi\u00f3n 22.7R2.2 y 9.1R18.9 y en Ivanti Policy Secure anterior a la versi\u00f3n 22.7R1.2 permite que un atacante remoto autenticado con privilegios de administrador logre la ejecuci\u00f3n remota de c\u00f3digo."
    }
  ],
  "id": "CVE-2024-38656",
  "lastModified": "2025-06-27T18:42:28.510",
  "metrics": {
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.1,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 6.0,
        "source": "support@hackerone.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.1,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 6.0,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-11-13T02:15:18.830",
  "references": [
    {
      "source": "support@hackerone.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
    }
  ],
  "sourceIdentifier": "support@hackerone.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-88"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2025-04-03 16:15

Modified

2025-05-03 01:00

Severity ?

9.0 (Critical) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6, Ivanti Policy Secure before version 22.7R1.4, and Ivanti ZTA Gateways before version 22.8R2.2 allows a remote unauthenticated attacker to achieve remote code execution.

References

▶	URL	Tags
	3c1d8aa1-5a33-4ea4-8992-aadd6440af75	https://forums.ivanti.com/s/article/April-Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-22457	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	*
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7
ivanti	neurons_for_zero-trust_access	-
ivanti	neurons_for_zero-trust_access	22.2
ivanti	neurons_for_zero-trust_access	22.2
ivanti	neurons_for_zero-trust_access	22.2
ivanti	neurons_for_zero-trust_access	22.3
ivanti	neurons_for_zero-trust_access	22.3
ivanti	neurons_for_zero-trust_access	22.4
ivanti	neurons_for_zero-trust_access	22.4
ivanti	neurons_for_zero-trust_access	22.5
ivanti	neurons_for_zero-trust_access	22.5
ivanti	neurons_for_zero-trust_access	22.6
ivanti	neurons_for_zero-trust_access	22.6
ivanti	neurons_for_zero-trust_access	22.6
ivanti	neurons_for_zero-trust_access	22.6
ivanti	neurons_for_zero-trust_access	22.6
ivanti	neurons_for_zero-trust_access	22.6
ivanti	neurons_for_zero-trust_access	22.7
ivanti	neurons_for_zero-trust_access	22.7
ivanti	neurons_for_zero-trust_access	22.7
ivanti	neurons_for_zero-trust_access	22.7
ivanti	neurons_for_zero-trust_access	22.7
ivanti	neurons_for_zero-trust_access	22.7
ivanti	neurons_for_zero-trust_access	22.7
ivanti	neurons_for_zero-trust_access	22.7
ivanti	neurons_for_zero-trust_access	22.7
ivanti	neurons_for_zero-trust_access	22.8
ivanti	neurons_for_zero-trust_access	22.8
ivanti	neurons_for_zero-trust_access	22.8
ivanti	policy_secure	*
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7

To clipboard

{
  "cisaActionDue": "2025-04-11",
  "cisaExploitAdd": "2025-04-04",
  "cisaRequiredAction": "Apply mitigations as set forth in the CISA instructions linked below.",
  "cisaVulnerabilityName": "Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:*:-:*:*:*:*:*:*",
              "matchCriteriaId": "A0EC2FCD-5402-4269-B86A-18F8DFB8F2C9",
              "versionEndExcluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "F788F6D9-5368-4B8E-BFA0-E8FB3CDADB01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "2927A40D-E8A3-4DB6-9C93-04A6C6035C3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "1399BBB4-E62B-4FF6-B9E3-6AAC68D4D583",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "1EAD1423-4477-4C35-BF93-697A2C0697C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.3:*:*:*:*:*:*",
              "matchCriteriaId": "858353BC-12CB-4014-BFCA-DA7B1B3DD4B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.4:*:*:*:*:*:*",
              "matchCriteriaId": "865F72BF-57B2-4B0C-BACE-3500E0AE6751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.5:*:*:*:*:*:*",
              "matchCriteriaId": "39E11407-E0C0-454F-B731-7DA4CBC696EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:*",
              "matchCriteriaId": "247E71F8-A03B-4097-B7BF-09F8BF3ED4D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "E0059C69-4A18-4153-9D9A-5C1B03AD1453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.2:*:*:*:*:*:*",
              "matchCriteriaId": "FC523C88-115E-4CD9-A8CB-AE6E6610F7D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.3:*:*:*:*:*:*",
              "matchCriteriaId": "3447428E-DBCD-4553-B51D-AC08ECAFD881",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.4:*:*:*:*:*:*",
              "matchCriteriaId": "A08BAF98-7F05-4596-8BFC-91F1A79D3BD1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.5:*:*:*:*:*:*",
              "matchCriteriaId": "40717D97-A062-49C4-B105-C22AAC3A206A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E4387B4-BC5C-41DE-92DA-84866A649AD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.2:r1:*:*:*:*:*:*",
              "matchCriteriaId": "24514B40-540E-45D7-90DC-BCC1D9D7E92C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.2:r4:*:*:*:*:*:*",
              "matchCriteriaId": "BFD510E9-12DC-4942-BAA0-6405CBD905EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.2:r5:*:*:*:*:*:*",
              "matchCriteriaId": "EA11BB6D-36C7-438B-A5A7-71C3CB2E5EC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.3:r1:*:*:*:*:*:*",
              "matchCriteriaId": "7B01001B-FA11-4297-AB81-12A00B97C820",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.3:r4:*:*:*:*:*:*",
              "matchCriteriaId": "9F28E6B1-44AB-4635-8939-5B0A44BED1E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.4:r1:*:*:*:*:*:*",
              "matchCriteriaId": "3E9D957B-49F9-492D-A66A-0D25BA27AD35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.4:r3:*:*:*:*:*:*",
              "matchCriteriaId": "D1AB497E-E403-4DEE-A83D-CB2E119E5E96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.5:r1:*:*:*:*:*:*",
              "matchCriteriaId": "CA6B3322-9AFB-44B5-B571-995AB606FD01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.5:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "47CB7C12-D642-4015-842C-37241F87DB86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.6:r1:*:*:*:*:*:*",
              "matchCriteriaId": "58E49DF1-F66A-4F52-87FA-A50DFD735ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.6:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "62A0393A-C1C6-4708-BC41-5A5B8FB765FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.6:r1.3:*:*:*:*:*:*",
              "matchCriteriaId": "1F3358B0-4751-4DCD-8BFC-BB4C68505658",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.6:r1.5:*:*:*:*:*:*",
              "matchCriteriaId": "5C9313A0-2F33-412B-A6F0-E51AE19E199B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.6:r1.6:*:*:*:*:*:*",
              "matchCriteriaId": "2979603E-F5CF-4C53-9828-36795E1B6247",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.6:r1.7:*:*:*:*:*:*",
              "matchCriteriaId": "D0D33C96-EE5C-41EB-8D9F-88ED025C191A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "9F0A44E1-3670-4AD5-A54D-FDA6C200AA73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.7:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "C5B4CE43-2D9B-4DF9-AC2A-F649622CD190",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.7:r1.3:*:*:*:*:*:*",
              "matchCriteriaId": "3C9B3FF8-F613-404D-BC85-9DD6F2A6DB5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.7:r1.4:*:*:*:*:*:*",
              "matchCriteriaId": "CFC583B5-18F5-4943-8C68-6C601857CE5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.7:r1.5:*:*:*:*:*:*",
              "matchCriteriaId": "6E4DE5D9-C92B-4143-835F-2D16F0CC328F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.7:r1.6:*:*:*:*:*:*",
              "matchCriteriaId": "F874F69E-C621-4C4B-802F-900E7BFAB71B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.7:r2:*:*:*:*:*:*",
              "matchCriteriaId": "67D43D1D-564D-4ACD-B0FF-3828B95E9864",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.7:r2.2:*:*:*:*:*:*",
              "matchCriteriaId": "BC8480E0-17C0-4590-950F-D3954E735365",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.7:r2.3:*:*:*:*:*:*",
              "matchCriteriaId": "3FAF4FB0-A88C-4A87-B6CB-32EF7B415885",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.8:r1:*:*:*:*:*:*",
              "matchCriteriaId": "9779B197-1A14-4750-B8BC-9CA00F46D123",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.8:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "BAFF5CD8-AB78-436B-AA16-8447706D0E86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.8:r2:*:*:*:*:*:*",
              "matchCriteriaId": "2ADB0039-5652-428A-96A4-66B29DFB0F9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:*:-:*:*:*:*:*:*",
              "matchCriteriaId": "48EFA63B-1322-45B0-B86D-87F24A2B4E8A",
              "versionEndExcluding": "22.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "1F22B988-2585-4853-9838-AB3746C8B888",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1:*:*:*:*:*:*",
              "matchCriteriaId": "FD9BE8C2-43EB-4870-A4B7-267CB17A19F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "C8915BB2-C1C0-4189-A847-DDB2EF161D62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.2:*:*:*:*:*:*",
              "matchCriteriaId": "8D24A8DB-D697-4C60-935D-B08EE36861CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.3:*:*:*:*:*:*",
              "matchCriteriaId": "4C12D325-77E1-4873-8A77-D76F4A73BCF8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6, Ivanti Policy Secure before version 22.7R1.4, and Ivanti ZTA Gateways before version 22.8R2.2 allows a remote unauthenticated attacker to achieve remote code execution."
    },
    {
      "lang": "es",
      "value": "Un desbordamiento de b\u00fafer basado en pila en Ivanti Connect Secure anterior a la versi\u00f3n 22.7R2.6, Ivanti Policy Secure anterior a la versi\u00f3n 22.7R1.4 e Ivanti ZTA Gateways anterior a la versi\u00f3n 22.8R2.2 permite que un atacante remoto no autenticado logre la ejecuci\u00f3n remota de c\u00f3digo."
    }
  ],
  "id": "CVE-2025-22457",
  "lastModified": "2025-05-03T01:00:02.097",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.0,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 6.0,
        "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-04-03T16:15:35.370",
  "references": [
    {
      "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/April-Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-22457"
    }
  ],
  "sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-121"
        }
      ],
      "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-10-27 05:15

Modified

2024-11-21 05:05

Severity ?

7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

An XML external entity (XXE) vulnerability in Pulse Connect Secure (PCS) before 9.1R9 and Pulse Policy Secure (PPS) before 9.1R9 allows remote authenticated admins to conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request.

References

▶	URL	Tags
	cve@mitre.org	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
pulsesecure	pulse_connect_secure	*
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
pulsesecure	pulse_policy_secure	*

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4F450898-0B06-4073-9B76-BF22F68BD14F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "4B21C181-DC49-4EBD-9932-DBB337151FF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "4FEFC4B1-7350-46F9-80C1-42F5AE06142F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "DB7A6D62-6576-4713-9BF4-11068A72E8B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "843BC1B9-50CC-4F8F-A454-A0CEC6E92290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "D5355372-03EA-46D7-9104-A2785C29B664",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.2:*:*:*:*:*:*",
              "matchCriteriaId": "3DE32A0C-8944-4F51-A286-266055CA4B2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:*",
              "matchCriteriaId": "0349A0CC-A372-4E51-899E-D7BA67876F4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "93D1A098-BD77-4A7B-9070-A764FB435981",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "3CCC2D7B-F835-45EC-A316-2F0C5F2CF565",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AD812596-C77C-4129-982F-C22A25B52126",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8:*:*:*:*:*:*",
              "matchCriteriaId": "9FA0B20D-3FA1-42AE-BDC5-93D8A182927C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8.1:*:*:*:*:*:*",
              "matchCriteriaId": "BFFA0B02-7F6D-4434-B1E7-EB8520FD68A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8.2:*:*:*:*:*:*",
              "matchCriteriaId": "DFE8FA87-9622-4D5B-99C7-D8EE230C0AA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "18272F7E-A9BA-4175-B6F6-F7E550D736CE",
              "versionEndIncluding": "9.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "A07B66E0-A679-4912-8CB1-CD134713EDC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "6D37A6E4-D58E-444D-AF6A-15461F38E81A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "FC2B9DA0-E32B-4125-9986-F0D3814C66E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3.1:*:*:*:*:*:*",
              "matchCriteriaId": "38A0D7CF-7D55-4933-AE8C-36006D6779E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "C9A5BA3E-D6B3-453D-8DDF-FF16859FD0F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "BAFDA618-D15D-401D-AC68-0020259FEC57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.2:*:*:*:*:*:*",
              "matchCriteriaId": "D55AB5F0-132F-4C40-BF4F-684E139B774B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "6BE937D2-8BEE-4E64-8738-F550EAD00F50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "9C753520-1BC6-4980-AFC9-4C2FDDF2FD18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AC3863BC-3B9A-402B-A74A-149CDF717EC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r8:*:*:*:*:*:*",
              "matchCriteriaId": "E3C09D51-FDA0-4D07-87D8-F527C8CBDAFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B031D2AE-70BE-48BB-A9E9-0A0DAAAFF55F",
              "versionEndIncluding": "9.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An XML external entity (XXE) vulnerability in Pulse Connect Secure (PCS) before 9.1R9 and Pulse Policy Secure (PPS) before 9.1R9 allows remote authenticated admins to conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de tipo XML external entity (XXE) en Pulse Connect Secure (PCS) versiones anteriores a 9.1R9 y Pulse Policy Secure (PPS) versiones anteriores a 9.1R9, permite a administradores autenticados remotos conducir ataques de tipo server-side request forgery (SSRF) por medio de un DTD dise\u00f1ado en una petici\u00f3n XML"
    }
  ],
  "id": "CVE-2020-15352",
  "lastModified": "2024-11-21T05:05:23.800",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-10-27T05:15:12.787",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-611"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2022-12-05 22:15

Modified

2024-11-21 07:10

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

An unauthenticated attacker can cause a denial-of-service to the following products: Ivanti Connect Secure (ICS) in versions prior to 9.1R14.3, 9.1R15.2, 9.1R16.2, and 22.2R4, Ivanti Policy Secure (IPS) in versions prior to 9.1R17 and 22.3R1, and Ivanti Neurons for Zero-Trust Access in versions prior to 22.3R1.

References

▶	URL	Tags
	support@hackerone.com	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA45520/?kA23Z000000GH5OSAW	Third Party Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA45520/?kA23Z000000GH5OSAW	Third Party Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	*
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	21.9
ivanti	connect_secure	21.12
ivanti	connect_secure	22.1
ivanti	connect_secure	22.2
ivanti	connect_secure	22.2
ivanti	neurons_for_zero-trust_access	22.2
ivanti	policy_secure	*
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	22.1
ivanti	policy_secure	22.2

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3281AC31-EAEC-4C8D-A0AA-3CDD1092D3EE",
              "versionEndExcluding": "9.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4F450898-0B06-4073-9B76-BF22F68BD14F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "4B21C181-DC49-4EBD-9932-DBB337151FF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r1.0:*:*:*:*:*:*",
              "matchCriteriaId": "130C8955-BDA4-4518-8EBA-740EB08FC3E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r10.0:*:*:*:*:*:*",
              "matchCriteriaId": "5AA4B39F-2FB9-4752-B1F1-18812B0990B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r10.2:*:*:*:*:*:*",
              "matchCriteriaId": "232BAB6C-D318-4F80-8F49-4E700C21F535",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.0:*:*:*:*:*:*",
              "matchCriteriaId": "ABD840BF-944E-4F4C-96DC-0256286338F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.1:*:*:*:*:*:*",
              "matchCriteriaId": "A1995F34-AE75-47C4-9A9D-DBB1D3E130E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.3:*:*:*:*:*:*",
              "matchCriteriaId": "366EF5B8-0233-49B8-806A-E54F60410ADE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.4:*:*:*:*:*:*",
              "matchCriteriaId": "6F2A7F5C-1D78-4D19-B8ED-5822FDF5DA63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.5:*:*:*:*:*:*",
              "matchCriteriaId": "2DDDA231-2A5E-4C70-8620-535C7F9027A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r12:*:*:*:*:*:*",
              "matchCriteriaId": "32E0B425-A9BA-4D00-84A9-46268072D696",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r12.1:*:*:*:*:*:*",
              "matchCriteriaId": "BBC724E8-195B-4CB4-AC2A-63E184AED4F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r12.2:*:*:*:*:*:*",
              "matchCriteriaId": "7162C24D-D181-49CC-B8C2-9EE3E0CDF846",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r13:*:*:*:*:*:*",
              "matchCriteriaId": "65435A96-EF7A-439A-AA6C-CB7EAEF0A963",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r13.1:*:*:*:*:*:*",
              "matchCriteriaId": "3027A9CE-849E-4CAE-A1C4-170DEAF4FE86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r14:*:*:*:*:*:*",
              "matchCriteriaId": "C132BA26-BCA0-43E6-9511-34ACFFA136A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r15:*:*:*:*:*:*",
              "matchCriteriaId": "CE228FBD-5AD1-4BC6-AF63-5248E671B04F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r16:*:*:*:*:*:*",
              "matchCriteriaId": "44C26423-8621-4F6D-A45B-0A6B6E873AB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r16.1:*:*:*:*:*:*",
              "matchCriteriaId": "BC391EB5-C457-459C-8EAA-EA0043487C0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "4FEFC4B1-7350-46F9-80C1-42F5AE06142F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r2.0:*:*:*:*:*:*",
              "matchCriteriaId": "4E2D041D-9BDD-416D-B658-1C517C854104",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "DB7A6D62-6576-4713-9BF4-11068A72E8B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r3.0:*:*:*:*:*:*",
              "matchCriteriaId": "7155EB34-E8E0-49AF-BDA2-FB4BFA44662E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "843BC1B9-50CC-4F8F-A454-A0CEC6E92290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.0:*:*:*:*:*:*",
              "matchCriteriaId": "25EE614A-5F32-4CA9-998A-4FAF16DC100C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "D5355372-03EA-46D7-9104-A2785C29B664",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.2:*:*:*:*:*:*",
              "matchCriteriaId": "3DE32A0C-8944-4F51-A286-266055CA4B2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:*",
              "matchCriteriaId": "0349A0CC-A372-4E51-899E-D7BA67876F4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "93D1A098-BD77-4A7B-9070-A764FB435981",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r5.0:*:*:*:*:*:*",
              "matchCriteriaId": "F49EE829-A2CD-491E-BFC3-7888491D7C58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "3CCC2D7B-F835-45EC-A316-2F0C5F2CF565",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r6.0:*:*:*:*:*:*",
              "matchCriteriaId": "2254DDF1-7FF3-49E1-8826-91F49A6794F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AD812596-C77C-4129-982F-C22A25B52126",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r7.0:*:*:*:*:*:*",
              "matchCriteriaId": "B8EA4DA8-CD09-41AC-ADCB-27CF771C016B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8:*:*:*:*:*:*",
              "matchCriteriaId": "9FA0B20D-3FA1-42AE-BDC5-93D8A182927C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8.0:*:*:*:*:*:*",
              "matchCriteriaId": "4D6CECCB-18BA-4219-95A2-2525A2BDCE36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8.1:*:*:*:*:*:*",
              "matchCriteriaId": "BFFA0B02-7F6D-4434-B1E7-EB8520FD68A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8.2:*:*:*:*:*:*",
              "matchCriteriaId": "DFE8FA87-9622-4D5B-99C7-D8EE230C0AA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8.4:*:*:*:*:*:*",
              "matchCriteriaId": "07AB853D-5A3F-4142-8417-1C9FB729A89E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r9:*:*:*:*:*:*",
              "matchCriteriaId": "16DAA769-8F0D-4C54-A8D9-9902995605B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r9.0:*:*:*:*:*:*",
              "matchCriteriaId": "B7006C07-0E3F-4890-A1B3-533E10924D49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r9.1:*:*:*:*:*:*",
              "matchCriteriaId": "B2C10C89-1DBC-4E91-BD28-D5097B589CA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r9.2:*:*:*:*:*:*",
              "matchCriteriaId": "F54753D0-6275-4F82-B874-55438D2983B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:21.9:r1:*:*:*:*:*:*",
              "matchCriteriaId": "BD52B87C-4BED-44AE-A959-A316DAF895EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:21.12:r1:*:*:*:*:*:*",
              "matchCriteriaId": "8CA29F12-36DE-4FBF-9EE7-7CE4B75AFA61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "80C56782-273A-4151-BE81-13FEEFE46A6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "361FAA47-52FF-4B36-96B0-9C178A4E031B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.2:r1:*:*:*:*:*:*",
              "matchCriteriaId": "BCBF6DD0-2826-4E61-8FB6-DB489EBF8981",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.2:r1:*:*:*:*:*:*",
              "matchCriteriaId": "24514B40-540E-45D7-90DC-BCC1D9D7E92C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "368E8A56-50E4-4400-8C18-B7426B112FFC",
              "versionEndExcluding": "9.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "6418A649-3A63-40CC-BD7C-309B3B0B2595",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "A07B66E0-A679-4912-8CB1-CD134713EDC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r10:*:*:*:*:*:*",
              "matchCriteriaId": "BF767F07-2E9F-4099-829D-2F70E85D8A35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r11:*:*:*:*:*:*",
              "matchCriteriaId": "B994E22B-8FA5-4510-82F6-7820BDA7C307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r12:*:*:*:*:*:*",
              "matchCriteriaId": "FE5C4ABC-2BEB-4741-95B3-303903369818",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r13:*:*:*:*:*:*",
              "matchCriteriaId": "D50C5526-F791-4C76-B5C0-DA2E1281C9E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r13.1:*:*:*:*:*:*",
              "matchCriteriaId": "2CB8240E-7683-4C39-9654-4F8D1F682288",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r14:*:*:*:*:*:*",
              "matchCriteriaId": "7A53C031-E7A5-47B6-BA4A-DD28432E743F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r15:*:*:*:*:*:*",
              "matchCriteriaId": "4BEE355B-1C2D-4BEB-8922-EAEAA5A1FAE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r16:*:*:*:*:*:*",
              "matchCriteriaId": "B90687F3-A5C1-4706-AD66-D78EE512E4C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "6D37A6E4-D58E-444D-AF6A-15461F38E81A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "FC2B9DA0-E32B-4125-9986-F0D3814C66E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3.1:*:*:*:*:*:*",
              "matchCriteriaId": "38A0D7CF-7D55-4933-AE8C-36006D6779E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "C9A5BA3E-D6B3-453D-8DDF-FF16859FD0F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "BAFDA618-D15D-401D-AC68-0020259FEC57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.2:*:*:*:*:*:*",
              "matchCriteriaId": "D55AB5F0-132F-4C40-BF4F-684E139B774B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "6BE937D2-8BEE-4E64-8738-F550EAD00F50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "9C753520-1BC6-4980-AFC9-4C2FDDF2FD18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AC3863BC-3B9A-402B-A74A-149CDF717EC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r8:*:*:*:*:*:*",
              "matchCriteriaId": "E3C09D51-FDA0-4D07-87D8-F527C8CBDAFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r8.1:*:*:*:*:*:*",
              "matchCriteriaId": "CCE2E1C0-680F-4EFF-ACE6-A1DAFA209D24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r8.2:*:*:*:*:*:*",
              "matchCriteriaId": "7ED1686B-2D80-4ECF-9F7A-AEA989E17C84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r9:*:*:*:*:*:*",
              "matchCriteriaId": "092DA2A3-5CEF-433F-8E5B-4850E4095CC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "A385F38B-0B03-4B69-B7A1-952F5BAE727C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.2:r1:*:*:*:*:*:*",
              "matchCriteriaId": "34C118FB-7AE0-466C-822A-348A2F6016AC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An unauthenticated attacker can cause a denial-of-service to the following products: Ivanti Connect Secure (ICS) in versions prior to 9.1R14.3, 9.1R15.2, 9.1R16.2, and 22.2R4, Ivanti Policy Secure (IPS) in versions prior to 9.1R17 and 22.3R1, and Ivanti Neurons for Zero-Trust Access in versions prior to 22.3R1."
    },
    {
      "lang": "es",
      "value": "Un atacante no autenticado puede provocar una Denegaci\u00f3n de Servicio (DoS) a los siguientes productos: \nIvanti Connect Secure (ICS) en versiones anteriores a 9.1R14.3, 9.1R15.2, 9.1R16.2 y 22.2R4, \nIvanti Policy Secure (IPS ) en versiones anteriores a 9.1R17 y 22.3R1,\ne Ivanti Neurons for Zero-Trust Access en versiones anteriores a 22.3R1."
    }
  ],
  "id": "CVE-2022-35258",
  "lastModified": "2024-11-21T07:10:59.310",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-12-05T22:15:10.627",
  "references": [
    {
      "source": "support@hackerone.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA45520/?kA23Z000000GH5OSAW"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA45520/?kA23Z000000GH5OSAW"
    }
  ],
  "sourceIdentifier": "support@hackerone.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-128"
        }
      ],
      "source": "support@hackerone.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-682"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-09-30 18:15

Modified

2025-02-12 19:56

Severity ?

7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

A vulnerability in the Pulse Connect Secure < 9.1R8.2 admin web interface could allow an authenticated attacker to upload custom template to perform an arbitrary code execution.

References

▶	URL	Tags
	support@hackerone.com	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44588	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44588	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	*
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	policy_secure	*
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1

To clipboard

{
  "cisaActionDue": "2021-04-23",
  "cisaExploitAdd": "2021-11-03",
  "cisaRequiredAction": "Apply updates per vendor instructions.",
  "cisaVulnerabilityName": "Ivanti Pulse Connect Secure Code Execution Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "87FBC6AD-0A70-4626-A152-E49BECF9F7AF",
              "versionEndIncluding": "9.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4F450898-0B06-4073-9B76-BF22F68BD14F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "4B21C181-DC49-4EBD-9932-DBB337151FF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "4FEFC4B1-7350-46F9-80C1-42F5AE06142F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "DB7A6D62-6576-4713-9BF4-11068A72E8B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "843BC1B9-50CC-4F8F-A454-A0CEC6E92290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "D5355372-03EA-46D7-9104-A2785C29B664",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.2:*:*:*:*:*:*",
              "matchCriteriaId": "3DE32A0C-8944-4F51-A286-266055CA4B2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:*",
              "matchCriteriaId": "0349A0CC-A372-4E51-899E-D7BA67876F4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "93D1A098-BD77-4A7B-9070-A764FB435981",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "3CCC2D7B-F835-45EC-A316-2F0C5F2CF565",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AD812596-C77C-4129-982F-C22A25B52126",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8:*:*:*:*:*:*",
              "matchCriteriaId": "9FA0B20D-3FA1-42AE-BDC5-93D8A182927C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8.1:*:*:*:*:*:*",
              "matchCriteriaId": "BFFA0B02-7F6D-4434-B1E7-EB8520FD68A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B44A1120-BFB8-462B-911F-04E4D1B1E64C",
              "versionEndIncluding": "9.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "6418A649-3A63-40CC-BD7C-309B3B0B2595",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "A07B66E0-A679-4912-8CB1-CD134713EDC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "6D37A6E4-D58E-444D-AF6A-15461F38E81A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "FC2B9DA0-E32B-4125-9986-F0D3814C66E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "C9A5BA3E-D6B3-453D-8DDF-FF16859FD0F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "BAFDA618-D15D-401D-AC68-0020259FEC57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.2:*:*:*:*:*:*",
              "matchCriteriaId": "D55AB5F0-132F-4C40-BF4F-684E139B774B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.3:*:*:*:*:*:*",
              "matchCriteriaId": "26AEB02E-D2D0-4D7A-BB00-9E5112696B17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "6BE937D2-8BEE-4E64-8738-F550EAD00F50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "9C753520-1BC6-4980-AFC9-4C2FDDF2FD18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AC3863BC-3B9A-402B-A74A-149CDF717EC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r8:*:*:*:*:*:*",
              "matchCriteriaId": "E3C09D51-FDA0-4D07-87D8-F527C8CBDAFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r8.1:*:*:*:*:*:*",
              "matchCriteriaId": "CCE2E1C0-680F-4EFF-ACE6-A1DAFA209D24",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Pulse Connect Secure \u003c 9.1R8.2 admin web interface could allow an authenticated attacker to upload custom template to perform an arbitrary code execution."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n web en Pulse Connect Secure versiones anteriores a 9.1R8.2, podr\u00eda permitir a un atacante autenticado cargar una plantilla personalizada para llevar a cabo una ejecuci\u00f3n de c\u00f3digo arbitrario"
    }
  ],
  "id": "CVE-2020-8243",
  "lastModified": "2025-02-12T19:56:52.180",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2020-09-30T18:15:29.070",
  "references": [
    {
      "source": "support@hackerone.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44588"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44588"
    }
  ],
  "sourceIdentifier": "support@hackerone.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "support@hackerone.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-02-13 04:15

Modified

2025-05-09 19:15

Severity ?

8.3 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L

Summary

An XML external entity or XXE vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x), Ivanti Policy Secure (9.x, 22.x) and ZTA gateways which allows an attacker to access certain restricted resources without authentication.

References

▶	URL	Tags
	support@hackerone.com	https://forums.ivanti.com/s/article/CVE-2024-22024-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://forums.ivanti.com/s/article/CVE-2024-22024-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	22.4
ivanti	connect_secure	22.5
ivanti	connect_secure	22.5
ivanti	policy_secure	22.5
ivanti	zero_trust_access	22.6

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r14.4:*:*:*:*:*:*",
              "matchCriteriaId": "06520C75-9326-4C21-8AD6-6DE1ED031959",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r17.2:*:*:*:*:*:*",
              "matchCriteriaId": "8971445A-D65F-4C0E-906F-7AC4953C5689",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r18.3:*:*:*:*:*:*",
              "matchCriteriaId": "014C7627-F211-48B1-80FA-3A7F608B4F23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.4:r2.2:*:*:*:*:*:*",
              "matchCriteriaId": "C4F6AA81-68BC-40B1-9062-DD678B52AAC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.5:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "5CF1705D-BE88-4B19-BE66-6628D8D8B688",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.5:r2.2:*:*:*:*:*:*",
              "matchCriteriaId": "49E6C8D1-612D-4C63-B3D4-D4AEE2747770",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.5:r1.1:*:*:*:*:*:*",
              "matchCriteriaId": "198A80DF-4BD5-4325-85FE-992324AB2166",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:zero_trust_access:22.6:r1.3:*:*:*:*:*:*",
              "matchCriteriaId": "E70E1C11-4209-49F0-952E-636F67187225",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An XML external entity or XXE vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x), Ivanti Policy Secure (9.x, 22.x) and ZTA gateways which allows an attacker to access certain restricted resources without authentication."
    },
    {
      "lang": "es",
      "value": "Una entidad externa XML o vulnerabilidad XXE en el componente SAML de Ivanti Connect Secure (9.x, 22.x), Ivanti Policy Secure (9.x, 22.x) y puertas de enlace ZTA que permite a un atacante acceder a ciertos recursos restringidos sin autenticaci\u00f3n."
    }
  ],
  "id": "CVE-2024-22024",
  "lastModified": "2025-05-09T19:15:59.813",
  "metrics": {
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 8.3,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.7,
        "source": "support@hackerone.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 8.3,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-02-13T04:15:07.943",
  "references": [
    {
      "source": "support@hackerone.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/CVE-2024-22024-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/CVE-2024-22024-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US"
    }
  ],
  "sourceIdentifier": "support@hackerone.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-611"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-611"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-01-12 17:15

Modified

2025-01-27 21:53

Severity ?

8.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

Summary

An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks.

References

URL	Tags
support@hackerone.com	http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html	Exploit, Third Party Advisory, VDB Entry
support@hackerone.com	https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	9.0
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	22.1
ivanti	connect_secure	22.1
ivanti	connect_secure	22.2
ivanti	connect_secure	22.2
ivanti	connect_secure	22.3
ivanti	connect_secure	22.4
ivanti	connect_secure	22.4
ivanti	connect_secure	22.5
ivanti	connect_secure	22.6
ivanti	connect_secure	22.6
ivanti	connect_secure	22.6
ivanti	policy_secure	9.0
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	22.1
ivanti	policy_secure	22.1
ivanti	policy_secure	22.2
ivanti	policy_secure	22.2
ivanti	policy_secure	22.3
ivanti	policy_secure	22.3
ivanti	policy_secure	22.4
ivanti	policy_secure	22.4
ivanti	policy_secure	22.4
ivanti	policy_secure	22.5
ivanti	policy_secure	22.5
ivanti	policy_secure	22.6

To clipboard

{
  "cisaActionDue": "2024-01-22",
  "cisaExploitAdd": "2024-01-10",
  "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
  "cisaVulnerabilityName": "Ivanti Connect Secure and Policy Secure Authentication Bypass Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEAA1F3F-FC78-43C1-814A-19E94AC4A844",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "4B21C181-DC49-4EBD-9932-DBB337151FF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r10:*:*:*:*:*:*",
              "matchCriteriaId": "5A3A93FE-41BF-43F2-9EFC-89656182329F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11:*:*:*:*:*:*",
              "matchCriteriaId": "8D5F47BA-DE6D-443D-95C3-A45F80EDC71E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.3:*:*:*:*:*:*",
              "matchCriteriaId": "366EF5B8-0233-49B8-806A-E54F60410ADE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.4:*:*:*:*:*:*",
              "matchCriteriaId": "6F2A7F5C-1D78-4D19-B8ED-5822FDF5DA63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.5:*:*:*:*:*:*",
              "matchCriteriaId": "2DDDA231-2A5E-4C70-8620-535C7F9027A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r12:*:*:*:*:*:*",
              "matchCriteriaId": "32E0B425-A9BA-4D00-84A9-46268072D696",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r12.1:*:*:*:*:*:*",
              "matchCriteriaId": "BBC724E8-195B-4CB4-AC2A-63E184AED4F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r13:*:*:*:*:*:*",
              "matchCriteriaId": "65435A96-EF7A-439A-AA6C-CB7EAEF0A963",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r13.1:*:*:*:*:*:*",
              "matchCriteriaId": "3027A9CE-849E-4CAE-A1C4-170DEAF4FE86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r14:*:*:*:*:*:*",
              "matchCriteriaId": "C132BA26-BCA0-43E6-9511-34ACFFA136A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r15:*:*:*:*:*:*",
              "matchCriteriaId": "CE228FBD-5AD1-4BC6-AF63-5248E671B04F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r15.2:*:*:*:*:*:*",
              "matchCriteriaId": "D7DBCD6B-B7AA-4AB0-852F-563A2EC85DB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r16:*:*:*:*:*:*",
              "matchCriteriaId": "44C26423-8621-4F6D-A45B-0A6B6E873AB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r16.1:*:*:*:*:*:*",
              "matchCriteriaId": "BC391EB5-C457-459C-8EAA-EA0043487C0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r17:*:*:*:*:*:*",
              "matchCriteriaId": "DB6CEA16-F422-48F1-9473-3931B1BFA63F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r17.1:*:*:*:*:*:*",
              "matchCriteriaId": "E238AB9F-99C1-4F0D-B442-D390065D35D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r18:*:*:*:*:*:*",
              "matchCriteriaId": "28FDE909-711C-41EC-8BA6-AC4DE05EA27E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "4FEFC4B1-7350-46F9-80C1-42F5AE06142F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "DB7A6D62-6576-4713-9BF4-11068A72E8B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "843BC1B9-50CC-4F8F-A454-A0CEC6E92290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "D5355372-03EA-46D7-9104-A2785C29B664",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.2:*:*:*:*:*:*",
              "matchCriteriaId": "3DE32A0C-8944-4F51-A286-266055CA4B2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:*",
              "matchCriteriaId": "0349A0CC-A372-4E51-899E-D7BA67876F4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "93D1A098-BD77-4A7B-9070-A764FB435981",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "3CCC2D7B-F835-45EC-A316-2F0C5F2CF565",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AD812596-C77C-4129-982F-C22A25B52126",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8:*:*:*:*:*:*",
              "matchCriteriaId": "9FA0B20D-3FA1-42AE-BDC5-93D8A182927C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8.1:*:*:*:*:*:*",
              "matchCriteriaId": "BFFA0B02-7F6D-4434-B1E7-EB8520FD68A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8.2:*:*:*:*:*:*",
              "matchCriteriaId": "DFE8FA87-9622-4D5B-99C7-D8EE230C0AA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r9:*:*:*:*:*:*",
              "matchCriteriaId": "16DAA769-8F0D-4C54-A8D9-9902995605B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r9.1:*:*:*:*:*:*",
              "matchCriteriaId": "B2C10C89-1DBC-4E91-BD28-D5097B589CA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "80C56782-273A-4151-BE81-13FEEFE46A6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "6564FE9E-7D96-4226-8378-DAC25525CDD1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "361FAA47-52FF-4B36-96B0-9C178A4E031B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.2:r1:*:*:*:*:*:*",
              "matchCriteriaId": "BCBF6DD0-2826-4E61-8FB6-DB489EBF8981",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.3:r1:*:*:*:*:*:*",
              "matchCriteriaId": "415219D0-2D9A-4617-ABB7-6FF918421BEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.4:r1:*:*:*:*:*:*",
              "matchCriteriaId": "E9F55E7B-7B38-4AEC-A015-D8CB9DE5E72C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.4:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "D3DF17AC-EC26-4B76-8989-B7880C9EF73E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.5:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "001E117B-E8EE-4C20-AEBF-34FF5EB5051E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.6:-:*:*:*:*:*:*",
              "matchCriteriaId": "6C383863-1E90-4B72-A500-4326782BC92F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.6:r1:*:*:*:*:*:*",
              "matchCriteriaId": "AB9A5868-34FB-446E-817F-6701CC5DE923",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.6:r2:*:*:*:*:*:*",
              "matchCriteriaId": "5456F61D-1FD1-4DA6-AFA3-4073889AD22A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD00E2EC-B772-4FE8-8CC5-829BE45BE878",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "A07B66E0-A679-4912-8CB1-CD134713EDC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r10:*:*:*:*:*:*",
              "matchCriteriaId": "BF767F07-2E9F-4099-829D-2F70E85D8A35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r11:*:*:*:*:*:*",
              "matchCriteriaId": "B994E22B-8FA5-4510-82F6-7820BDA7C307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r12:*:*:*:*:*:*",
              "matchCriteriaId": "FE5C4ABC-2BEB-4741-95B3-303903369818",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r13:*:*:*:*:*:*",
              "matchCriteriaId": "D50C5526-F791-4C76-B5C0-DA2E1281C9E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r13.1:*:*:*:*:*:*",
              "matchCriteriaId": "2CB8240E-7683-4C39-9654-4F8D1F682288",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r14:*:*:*:*:*:*",
              "matchCriteriaId": "7A53C031-E7A5-47B6-BA4A-DD28432E743F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r15:*:*:*:*:*:*",
              "matchCriteriaId": "4BEE355B-1C2D-4BEB-8922-EAEAA5A1FAE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r16:*:*:*:*:*:*",
              "matchCriteriaId": "B90687F3-A5C1-4706-AD66-D78EE512E4C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r17:*:*:*:*:*:*",
              "matchCriteriaId": "D10A3F2D-6A62-4A48-93FB-274527C821D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r18:*:*:*:*:*:*",
              "matchCriteriaId": "811C7E7E-89AB-47DF-BACD-ED478DF756BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "6D37A6E4-D58E-444D-AF6A-15461F38E81A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "FC2B9DA0-E32B-4125-9986-F0D3814C66E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3.1:*:*:*:*:*:*",
              "matchCriteriaId": "38A0D7CF-7D55-4933-AE8C-36006D6779E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "C9A5BA3E-D6B3-453D-8DDF-FF16859FD0F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "BAFDA618-D15D-401D-AC68-0020259FEC57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.2:*:*:*:*:*:*",
              "matchCriteriaId": "D55AB5F0-132F-4C40-BF4F-684E139B774B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "6BE937D2-8BEE-4E64-8738-F550EAD00F50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "9C753520-1BC6-4980-AFC9-4C2FDDF2FD18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AC3863BC-3B9A-402B-A74A-149CDF717EC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r8:*:*:*:*:*:*",
              "matchCriteriaId": "E3C09D51-FDA0-4D07-87D8-F527C8CBDAFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r8.1:*:*:*:*:*:*",
              "matchCriteriaId": "CCE2E1C0-680F-4EFF-ACE6-A1DAFA209D24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r8.2:*:*:*:*:*:*",
              "matchCriteriaId": "7ED1686B-2D80-4ECF-9F7A-AEA989E17C84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r9:*:*:*:*:*:*",
              "matchCriteriaId": "092DA2A3-5CEF-433F-8E5B-4850E4095CC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "A385F38B-0B03-4B69-B7A1-952F5BAE727C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "925DCCBA-9382-4A39-84B8-4DEAFD2BC802",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.2:r1:*:*:*:*:*:*",
              "matchCriteriaId": "34C118FB-7AE0-466C-822A-348A2F6016AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.2:r3:*:*:*:*:*:*",
              "matchCriteriaId": "1536DB45-9A42-4549-A10E-FDBB6693DF17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.3:r1:*:*:*:*:*:*",
              "matchCriteriaId": "51FF66C9-9415-4EAD-8F19-D5E067336885",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.3:r3:*:*:*:*:*:*",
              "matchCriteriaId": "8BBC1E81-0A2A-4166-BFA6-2B866B4F8AE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.4:r1:*:*:*:*:*:*",
              "matchCriteriaId": "D73729EB-C679-4CED-9F36-212B0581EC22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.4:r2:*:*:*:*:*:*",
              "matchCriteriaId": "14B481E8-D887-408F-B892-D2939CD037AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.4:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "3EB8380F-D229-4AF0-B27C-47760F843E48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.5:r1:*:*:*:*:*:*",
              "matchCriteriaId": "CB4B1ED6-38AD-44F8-9B77-2D6924E8A20E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.5:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "28A9318A-0D4D-4EF1-998B-4A82A1AB63F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.6:r1:*:*:*:*:*:*",
              "matchCriteriaId": "56C7542D-3520-4E4D-936C-5295068C4CD7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n en el componente web de Ivanti ICS 9.x, 22.x e Ivanti Policy Secure permite a un atacante remoto acceder a recursos restringidos omitiendo las comprobaciones de control."
    }
  ],
  "id": "CVE-2023-46805",
  "lastModified": "2025-01-27T21:53:11.007",
  "metrics": {
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 8.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.2,
        "source": "support@hackerone.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 8.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-01-12T17:15:09.530",
  "references": [
    {
      "source": "support@hackerone.com",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html"
    },
    {
      "source": "support@hackerone.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US"
    }
  ],
  "sourceIdentifier": "support@hackerone.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2025-07-12 04:15

Modified

2025-07-17 13:41

Severity ?

4.9 (Medium) - CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Summary

A vulnerability exists on all versions of Ivanti Policy Secure below 22.6R1 where an authenticated administrator can perform an arbitrary file read via a maliciously crafted web request.

References

▶	URL	Tags
	support@hackerone.com	https://forums.ivanti.com/s/article/Security-patch-release-Ivanti-Policy-Secure-22-6R1	Vendor Advisory

Impacted products

	Vendor	Product	Version
	ivanti	policy_secure	*
	ivanti	policy_secure	22.6