Vulnerabilities related to Ivanti Policy Secure (IPS). Every record below also lists Ivanti Connect Secure (ICS) as affected, and the two products share the same web/SAML components, so treat them together when triaging.
cve-2023-46805
Vulnerability from cvelistv5
Published
2024-01-12 17:02
Modified
2025-02-13 17:14
Summary
An authentication bypass vulnerability in the web component of Ivanti Connect Secure (ICS) 9.x, 22.x and Ivanti Policy Secure (IPS) allows an unauthenticated remote attacker (CVSS PR:N) to access restricted resources by bypassing control checks. It is listed in the CISA Known Exploited Vulnerabilities catalog as of 2024-01-10 (SSVC: exploitation active, automatable yes). The vendor advisory and the exploit reference attached to this record pair it with the CVE-2024-21887 command injection; chained, the two yield unauthenticated remote code execution on the appliance.
Impacted products
Vendor Product Version
Ivanti ICS Version: 9.1R18    9.1R18
Version: 22.6R2    22.6R2
   Ivanti IPS Version: 9.1R18    9.1R18
Version: 22.6R1    22.6R1


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T20:53:21.908Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2023-46805",
                        options: [
                           {
                              Exploitation: "active",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-02-04T18:56:43.532172Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
               {
                  other: {
                     content: {
                        dateAdded: "2024-01-10",
                        reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2023-46805",
                     },
                     type: "kev",
                  },
               },
            ],
            problemTypes: [
               {
                  descriptions: [
                     {
                        description: "CWE-noinfo Not enough information",
                        lang: "en",
                        type: "CWE",
                     },
                  ],
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-02-04T19:04:33.207Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "ICS",
               vendor: "Ivanti",
               versions: [
                  {
                     lessThanOrEqual: "9.1R18",
                     status: "affected",
                     version: "9.1R18",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "22.6R2",
                     status: "affected",
                     version: "22.6R2",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "IPS",
               vendor: "Ivanti",
               versions: [
                  {
                     lessThanOrEqual: "9.1R18",
                     status: "affected",
                     version: "9.1R18",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "22.6R1",
                     status: "affected",
                     version: "22.6R1",
                     versionType: "semver",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks.",
            },
         ],
         metrics: [
            {
               cvssV3_0: {
                  baseScore: 8.2,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
                  version: "3.0",
               },
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-01-22T17:06:19.758Z",
            orgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
            shortName: "hackerone",
         },
         references: [
            {
               url: "https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US",
            },
            {
               url: "http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
      assignerShortName: "hackerone",
      cveId: "CVE-2023-46805",
      datePublished: "2024-01-12T17:02:16.452Z",
      dateReserved: "2023-10-27T01:00:13.399Z",
      dateUpdated: "2025-02-13T17:14:35.487Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-21887
Vulnerability from cvelistv5
Published
2024-01-12 17:02
Modified
2025-02-13 17:33
Summary
A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance. Although the CVSS vector rates this as requiring high privileges (PR:H), it is listed in the CISA Known Exploited Vulnerabilities catalog as of 2024-01-10, and the references attached to this record describe it chained with the CVE-2023-46805 authentication bypass, which removes the authentication requirement and results in unauthenticated remote code execution.
Impacted products
Vendor Product Version
Ivanti ICS Version: 9.1R18 and earlier (lessThanOrEqual)
Version: 22.6R2 and earlier (lessThanOrEqual)
   Ivanti IPS Version: 9.1R18 and earlier (lessThanOrEqual)
Version: 22.6R1 and earlier (lessThanOrEqual)


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-01T22:35:33.413Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-21887",
                        options: [
                           {
                              Exploitation: "active",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-02-04T18:55:58.242603Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
               {
                  other: {
                     content: {
                        dateAdded: "2024-01-10",
                        reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2024-21887",
                     },
                     type: "kev",
                  },
               },
            ],
            problemTypes: [
               {
                  descriptions: [
                     {
                        cweId: "CWE-77",
                        description: "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')",
                        lang: "en",
                        type: "CWE",
                     },
                  ],
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-02-04T18:56:24.352Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "ICS",
               vendor: "Ivanti",
               versions: [
                  {
                     lessThanOrEqual: "9.1R18",
                     status: "affected",
                     version: "9.1R18",
                     versionType: "custom",
                  },
                  {
                     lessThanOrEqual: "22.6R2",
                     status: "affected",
                     version: "22.6R2",
                     versionType: "custom",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "IPS",
               vendor: "Ivanti",
               versions: [
                  {
                     lessThanOrEqual: "9.1R18",
                     status: "affected",
                     version: "9.1R18",
                     versionType: "custom",
                  },
                  {
                     lessThanOrEqual: "22.6R1",
                     status: "affected",
                     version: "22.6R1",
                     versionType: "custom",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x)  allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance.",
            },
         ],
         metrics: [
            {
               cvssV3_0: {
                  baseScore: 9.1,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                  version: "3.0",
               },
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-01-22T17:06:21.273Z",
            orgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
            shortName: "hackerone",
         },
         references: [
            {
               url: "https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US",
            },
            {
               url: "http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
      assignerShortName: "hackerone",
      cveId: "CVE-2024-21887",
      datePublished: "2024-01-12T17:02:16.481Z",
      dateReserved: "2024-01-03T01:04:06.538Z",
      dateUpdated: "2025-02-13T17:33:21.036Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-21893
Vulnerability from cvelistv5
Published
2024-01-31 17:51
Modified
2024-08-01 22:35
Summary
A server-side request forgery (SSRF) vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x), Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an unauthenticated attacker (CVSS PR:N) to access certain restricted resources. It was added to the CISA Known Exploited Vulnerabilities catalog on 2024-01-31, the same day the record was published. Note that the ZTA product is named in the description but does not appear in the affected-products records below, and the only vendor reference attached to this record is the CVE-2024-21888 advisory, so consult the vendor directly for ZTA fix information.
Impacted products
Vendor Product Version
Ivanti ICS Version: 9.1R18    9.1R18
Version: 22.6R2    22.6R2
   Ivanti IPS Version: 9.1R18    9.1R18
Version: 22.6R1    22.6R1


{
   containers: {
      adp: [
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:a:ivanti:connect_secure:9.0:-:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "connect_secure",
                  vendor: "ivanti",
                  versions: [
                     {
                        status: "affected",
                        version: "9.0",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:a:ivanti:connect_secure:22.6:-:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "connect_secure",
                  vendor: "ivanti",
                  versions: [
                     {
                        status: "affected",
                        version: "22.6",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:a:ivanti:policy_secure:22.3:r1:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "policy_secure",
                  vendor: "ivanti",
                  versions: [
                     {
                        status: "affected",
                        version: "22.3",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:a:ivanti:policy_secure:22.6:r1:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "policy_secure",
                  vendor: "ivanti",
                  versions: [
                     {
                        status: "affected",
                        version: "22.6",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:a:ivanti:policy_secure:22.5:r1:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "policy_secure",
                  vendor: "ivanti",
                  versions: [
                     {
                        status: "affected",
                        version: "22.5",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:a:ivanti:policy_secure:22.4:r1:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "policy_secure",
                  vendor: "ivanti",
                  versions: [
                     {
                        status: "affected",
                        version: "22.4",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:a:ivanti:connect_secure:22.1:r1:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "connect_secure",
                  vendor: "ivanti",
                  versions: [
                     {
                        status: "affected",
                        version: "22.1",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:a:ivanti:connect_secure:22.2:-:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "connect_secure",
                  vendor: "ivanti",
                  versions: [
                     {
                        status: "affected",
                        version: "22.2",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:a:ivanti:connect_secure:9.1:-:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "connect_secure",
                  vendor: "ivanti",
                  versions: [
                     {
                        status: "affected",
                        version: "9.1",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:a:ivanti:connect_secure:21.9:r1:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "connect_secure",
                  vendor: "ivanti",
                  versions: [
                     {
                        status: "affected",
                        version: "21.9",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:a:ivanti:connect_secure:21.12:r1:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "connect_secure",
                  vendor: "ivanti",
                  versions: [
                     {
                        status: "affected",
                        version: "21.12",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:a:ivanti:policy_secure:22.2:r1:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "policy_secure",
                  vendor: "ivanti",
                  versions: [
                     {
                        status: "affected",
                        version: "22.2",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:a:ivanti:policy_secure:22.1:r1:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "policy_secure",
                  vendor: "ivanti",
                  versions: [
                     {
                        status: "affected",
                        version: "22.1",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "policy_secure",
                  vendor: "ivanti",
                  versions: [
                     {
                        status: "affected",
                        version: "9.1",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:a:ivanti:connect_secure:22.4:r1:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "connect_secure",
                  vendor: "ivanti",
                  versions: [
                     {
                        status: "affected",
                        version: "22.4",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:a:ivanti:connect_secure:22.3:r1:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "connect_secure",
                  vendor: "ivanti",
                  versions: [
                     {
                        status: "affected",
                        version: "22.3",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:a:ivanti:policy_secure:9.0:-:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "policy_secure",
                  vendor: "ivanti",
                  versions: [
                     {
                        status: "affected",
                        version: "9.0",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-21893",
                        options: [
                           {
                              Exploitation: "Active",
                           },
                           {
                              Automatable: "Yes",
                           },
                           {
                              "Technical Impact": "Partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-02-01T05:00:07.654275Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
               {
                  other: {
                     content: {
                        dateAdded: "2024-01-31",
                        reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2024-21893",
                     },
                     type: "kev",
                  },
               },
            ],
            problemTypes: [
               {
                  descriptions: [
                     {
                        cweId: "CWE-918",
                        description: "CWE-918 Server-Side Request Forgery (SSRF)",
                        lang: "en",
                        type: "CWE",
                     },
                  ],
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-06-04T17:37:50.738Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-01T22:35:33.414Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "ICS",
               vendor: "Ivanti",
               versions: [
                  {
                     lessThanOrEqual: "9.1R18",
                     status: "affected",
                     version: "9.1R18",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "22.6R2",
                     status: "affected",
                     version: "22.6R2",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "IPS",
               vendor: "Ivanti",
               versions: [
                  {
                     lessThanOrEqual: "9.1R18",
                     status: "affected",
                     version: "9.1R18",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "22.6R1",
                     status: "affected",
                     version: "22.6R1",
                     versionType: "semver",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication.",
            },
         ],
         metrics: [
            {
               cvssV3_0: {
                  baseScore: 8.2,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
                  version: "3.0",
               },
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-01-31T17:51:35.095Z",
            orgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
            shortName: "hackerone",
         },
         references: [
            {
               url: "https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
      assignerShortName: "hackerone",
      cveId: "CVE-2024-21893",
      datePublished: "2024-01-31T17:51:35.095Z",
      dateReserved: "2024-01-03T01:04:06.539Z",
      dateUpdated: "2024-08-01T22:35:33.414Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-21888
Vulnerability from cvelistv5
Published
2024-01-31 17:51
Modified
2024-08-01 22:35
Summary
A privilege escalation vulnerability in the web component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated low-privileged user (CVSS PR:L) to elevate privileges to that of an administrator. Unlike the other records on this page, CISA's SSVC assessment attached here marks exploitation as "none" and no KEV entry is attached, though the CVSS impact is full compromise of confidentiality, integrity and availability.
Impacted products
Vendor Product Version
Ivanti ICS Version: 9.1R18    9.1R18
Version: 22.6R2    22.6R2
   Ivanti IPS Version: 9.1R18    9.1R18
Version: 22.6R1    22.6R1


{
   containers: {
      adp: [
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:a:ivanti:connect_secure:9.0:-:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unaffected",
                  product: "connect_secure",
                  vendor: "ivanti",
                  versions: [
                     {
                        lessThan: "10.0",
                        status: "affected",
                        version: "9.0",
                        versionType: "semver",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:a:ivanti:connect_secure:22.0:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unaffected",
                  product: "connect_secure",
                  vendor: "ivanti",
                  versions: [
                     {
                        lessThan: "23.0",
                        status: "affected",
                        version: "22.0",
                        versionType: "semver",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:a:ivanti:policy_secure:22.0:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unaffected",
                  product: "policy_secure",
                  vendor: "ivanti",
                  versions: [
                     {
                        lessThan: "23.0",
                        status: "affected",
                        version: "22.0",
                        versionType: "semver",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:a:ivanti:policy_secure:9.0:-:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "policy_secure",
                  vendor: "ivanti",
                  versions: [
                     {
                        lessThan: "10.0",
                        status: "affected",
                        version: "9.0",
                        versionType: "semver",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-21888",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "No",
                           },
                           {
                              "Technical Impact": "Total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-05-23T17:43:32.387135Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-07-23T18:26:11.151Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-01T22:35:33.407Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "ICS",
               vendor: "Ivanti",
               versions: [
                  {
                     lessThanOrEqual: "9.1R18",
                     status: "affected",
                     version: "9.1R18",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "22.6R2",
                     status: "affected",
                     version: "22.6R2",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "IPS",
               vendor: "Ivanti",
               versions: [
                  {
                     lessThanOrEqual: "9.1R18",
                     status: "affected",
                     version: "9.1R18",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "22.6R1",
                     status: "affected",
                     version: "22.6R1",
                     versionType: "semver",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "A privilege escalation vulnerability in the web component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows a user to elevate privileges to that of an administrator.",
            },
         ],
         metrics: [
            {
               cvssV3_0: {
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.0",
               },
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-01-31T17:51:34.941Z",
            orgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
            shortName: "hackerone",
         },
         references: [
            {
               url: "https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
      assignerShortName: "hackerone",
      cveId: "CVE-2024-21888",
      datePublished: "2024-01-31T17:51:34.941Z",
      dateReserved: "2024-01-03T01:04:06.538Z",
      dateUpdated: "2024-08-01T22:35:33.407Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-22024
Vulnerability from cvelistv5
Published
2024-02-13 04:07
Modified
2024-08-01 22:35
Summary
An XML external entity (XXE) vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x), Ivanti Policy Secure (9.x, 22.x) and ZTA gateways allows an attacker to access certain restricted resources without authentication.
Impacted products
Vendor Product Version
Ivanti ICS Version: 9.1R14.5   
Version: 9.1R17.3   
Version: 9.1R18.4   
Version: 22.1R6.1   
Version: 22.2R4.1   
Version: 22.3R1.1   
Version: 22.4R1.1   
Version: 22.5R1.2   
Version: 22.6R1.1   
Version: 22.4R2.3   
Version: 22.5R2.3   
Version: 22.6R2.2   
   Ivanti ICS Version: 9.1R15.3   
   Ivanti IPS Version: 9.1R18.4   
Version: 9.1R17.3   
Version: 22.5R1.2   


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-01T22:35:34.846Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://forums.ivanti.com/s/article/CVE-2024-22024-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "ICS",
               vendor: "Ivanti",
               versions: [
                  {
                     lessThan: "9.1R14.5",
                     status: "affected",
                     version: "9.1R14.5",
                     versionType: "semver",
                  },
                  {
                     lessThan: "9.1R17.3",
                     status: "affected",
                     version: "9.1R17.3",
                     versionType: "semver",
                  },
                  {
                     lessThan: "9.1R18.4",
                     status: "affected",
                     version: "9.1R18.4",
                     versionType: "semver",
                  },
                  {
                     lessThan: "22.1R6.1",
                     status: "affected",
                     version: "22.1R6.1",
                     versionType: "semver",
                  },
                  {
                     lessThan: "9.1R14.4",
                     status: "unaffected",
                     version: "9.1R14.4",
                     versionType: "semver",
                  },
                  {
                     lessThan: "9.1R15.2",
                     status: "unaffected",
                     version: "9.1R15.2",
                     versionType: "semver",
                  },
                  {
                     lessThan: "9.1R16.2",
                     status: "unaffected",
                     version: "9.1R16.2",
                     versionType: "semver",
                  },
                  {
                     lessThan: "9.1R17.2",
                     status: "unaffected",
                     version: "9.1R17.2",
                     versionType: "semver",
                  },
                  {
                     lessThan: "9.1R18.3",
                     status: "unaffected",
                     version: "9.1R18.3",
                     versionType: "semver",
                  },
                  {
                     lessThan: "22.1R6.1",
                     status: "unaffected",
                     version: "22.1R6.1",
                     versionType: "semver",
                  },
                  {
                     lessThan: "22.2R4.1",
                     status: "affected",
                     version: "22.2R4.1",
                     versionType: "semver",
                  },
                  {
                     lessThan: "22.3R1.1",
                     status: "affected",
                     version: "22.3R1.1",
                     versionType: "semver",
                  },
                  {
                     lessThan: "22.4R1.1",
                     status: "affected",
                     version: "22.4R1.1",
                     versionType: "semver",
                  },
                  {
                     lessThan: "22.5R1.2",
                     status: "affected",
                     version: "22.5R1.2",
                     versionType: "semver",
                  },
                  {
                     lessThan: "22.6R1.1",
                     status: "affected",
                     version: "22.6R1.1",
                     versionType: "semver",
                  },
                  {
                     lessThan: "22.4R2.3",
                     status: "affected",
                     version: "22.4R2.3",
                     versionType: "semver",
                  },
                  {
                     lessThan: "22.5R2.3",
                     status: "affected",
                     version: "22.5R2.3",
                     versionType: "semver",
                  },
                  {
                     lessThan: "22.6R2.2",
                     status: "affected",
                     version: "22.6R2.2",
                     versionType: "semver",
                  },
                  {
                     lessThan: "22.2R4.1",
                     status: "unaffected",
                     version: "22.2R4.1",
                     versionType: "semver",
                  },
                  {
                     lessThan: "22.3R1",
                     status: "unaffected",
                     version: "22.3R1",
                     versionType: "semver",
                  },
                  {
                     lessThan: "22.4R1.1",
                     status: "unaffected",
                     version: "22.4R1.1",
                     versionType: "semver",
                  },
                  {
                     lessThan: "22.5R1.1",
                     status: "unaffected",
                     version: "22.5R1.1",
                     versionType: "semver",
                  },
                  {
                     lessThan: "22.6R1.1",
                     status: "unaffected",
                     version: "22.6R1.1",
                     versionType: "semver",
                  },
                  {
                     lessThan: "22.4R2.2",
                     status: "unaffected",
                     version: "22.4R2.2",
                     versionType: "semver",
                  },
                  {
                     lessThan: "22.5R2.2",
                     status: "unaffected",
                     version: "22.5R2.2",
                     versionType: "semver",
                  },
                  {
                     lessThan: "22.6R2.2",
                     status: "unaffected",
                     version: "22.6R2.2",
                     versionType: "semver",
                  },
               ],
            },
            {
               product: "ICS",
               vendor: "Ivanti",
               versions: [
                  {
                     lessThan: "9.1R15.3",
                     status: "affected",
                     version: "9.1R15.3",
                     versionType: "semver",
                  },
               ],
            },
            {
               product: "IPS",
               vendor: "Ivanti",
               versions: [
                  {
                     lessThan: "9.1R18.4",
                     status: "affected",
                     version: "9.1R18.4",
                     versionType: "semver",
                  },
                  {
                     lessThan: "9.1R17.3",
                     status: "affected",
                     version: "9.1R17.3",
                     versionType: "semver",
                  },
                  {
                     lessThan: "22.5R1.2",
                     status: "affected",
                     version: "22.5R1.2",
                     versionType: "semver",
                  },
                  {
                     lessThan: "9.1R18.2",
                     status: "unaffected",
                     version: "9.1R18.2",
                     versionType: "semver",
                  },
                  {
                     lessThan: "9.1R17.2",
                     status: "unaffected",
                     version: "9.1R17.2",
                     versionType: "semver",
                  },
                  {
                     lessThan: "22.5R1.1",
                     status: "unaffected",
                     version: "22.5R1.1",
                     versionType: "semver",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "An XML external entity (XXE) vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x), Ivanti Policy Secure (9.x, 22.x) and ZTA gateways allows an attacker to access certain restricted resources without authentication.",
            },
         ],
         metrics: [
            {
               cvssV3_0: {
                  baseScore: 8.3,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L",
                  version: "3.0",
               },
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-02-13T04:07:04.355Z",
            orgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
            shortName: "hackerone",
         },
         references: [
            {
               url: "https://forums.ivanti.com/s/article/CVE-2024-22024-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
      assignerShortName: "hackerone",
      cveId: "CVE-2024-22024",
      datePublished: "2024-02-13T04:07:04.355Z",
      dateReserved: "2024-01-04T01:04:06.574Z",
      dateUpdated: "2024-08-01T22:35:34.846Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}