KEV Entry
CVE-2024-21887
Known Exploited Vulnerability Entry External Catalog
Entry Details
Confirmed Exploited2024-01-10 00:00 UTC
Timestamps
2024-01-10
2024-01-10
Scope
KEVIntel entry: A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an... | Affected: Ivanti / ICS, IPS | CVSS: 9.1 (CRITICAL) | EPSS: 0.99999 | Used in malware: yes | Not yet in CISA KEV: False
References
- {'id': 'CVE-2024-21887', 'url': 'https://www.cve.org/CVERecord?id=CVE-2024-21887'}
- {'id': 'kevintel', 'url': 'https://kevintel.com/vuln/CVE-2024-21887'}
78996bbc-cee4-459f-823f-9ed61696a6c1
caeb2787-0d58-4236-9039-7c86c3e566f3
2026-06-23 14:05 UTC
2026-06-23 14:05 UTC
Evidence
1| Type | Source | Signal | Confidence | Details | GCVE Metadata |
|---|---|---|---|---|---|
| public_report | kevintel | confirmed_compromise | 0.70 |
View details
|
- |