Search criteria
10 vulnerabilities found for IPS by Ivanti
CVE-2024-22024 (GCVE-0-2024-22024)
Vulnerability from cvelistv5 – Published: 2024-02-13 04:07 – Updated: 2025-05-09 18:26
VLAI?
Summary
An XML external entity or XXE vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x), Ivanti Policy Secure (9.x, 22.x) and ZTA gateways which allows an attacker to access certain restricted resources without authentication.
Severity ?
8.3 (High)
CWE
- CWE-611 - Improper Restriction of XML External Entity Reference
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Ivanti | ICS |
Affected:
9.1R14.5 , < 9.1R14.5
(semver)
Affected: 9.1R17.3 , < 9.1R17.3 (semver) Affected: 9.1R18.4 , < 9.1R18.4 (semver) Affected: 22.1R6.1 , < 22.1R6.1 (semver) Unaffected: 9.1R14.4 , < 9.1R14.4 (semver) Unaffected: 9.1R15.2 , < 9.1R15.2 (semver) Unaffected: 9.1R16.2 , < 9.1R16.2 (semver) Unaffected: 9.1R17.2 , < 9.1R17.2 (semver) Unaffected: 9.1R18.3 , < 9.1R18.3 (semver) Unaffected: 22.1R6.1 , < 22.1R6.1 (semver) Affected: 22.2R4.1 , < 22.2R4.1 (semver) Affected: 22.3R1.1 , < 22.3R1.1 (semver) Affected: 22.4R1.1 , < 22.4R1.1 (semver) Affected: 22.5R1.2 , < 22.5R1.2 (semver) Affected: 22.6R1.1 , < 22.6R1.1 (semver) Affected: 22.4R2.3 , < 22.4R2.3 (semver) Affected: 22.5R2.3 , < 22.5R2.3 (semver) Affected: 22.6R2.2 , < 22.6R2.2 (semver) Unaffected: 22.2R4.1 , < 22.2R4.1 (semver) Unaffected: 22.3R1 , < 22.3R1 (semver) Unaffected: 22.4R1.1 , < 22.4R1.1 (semver) Unaffected: 22.5R1.1 , < 22.5R1.1 (semver) Unaffected: 22.6R1.1 , < 22.6R1.1 (semver) Unaffected: 22.4R2.2 , < 22.4R2.2 (semver) Unaffected: 22.5R2.2 , < 22.5R2.2 (semver) Unaffected: 22.6R2.2 , < 22.6R2.2 (semver) |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:35:34.846Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://forums.ivanti.com/s/article/CVE-2024-22024-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22024",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-16T19:34:58.517182Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611 Improper Restriction of XML External Entity Reference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-09T18:26:09.386Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ICS",
"vendor": "Ivanti",
"versions": [
{
"lessThan": "9.1R14.5",
"status": "affected",
"version": "9.1R14.5",
"versionType": "semver"
},
{
"lessThan": "9.1R17.3",
"status": "affected",
"version": "9.1R17.3",
"versionType": "semver"
},
{
"lessThan": "9.1R18.4",
"status": "affected",
"version": "9.1R18.4",
"versionType": "semver"
},
{
"lessThan": "22.1R6.1",
"status": "affected",
"version": "22.1R6.1",
"versionType": "semver"
},
{
"lessThan": "9.1R14.4",
"status": "unaffected",
"version": "9.1R14.4",
"versionType": "semver"
},
{
"lessThan": "9.1R15.2",
"status": "unaffected",
"version": "9.1R15.2",
"versionType": "semver"
},
{
"lessThan": "9.1R16.2",
"status": "unaffected",
"version": "9.1R16.2",
"versionType": "semver"
},
{
"lessThan": "9.1R17.2",
"status": "unaffected",
"version": "9.1R17.2",
"versionType": "semver"
},
{
"lessThan": "9.1R18.3",
"status": "unaffected",
"version": "9.1R18.3",
"versionType": "semver"
},
{
"lessThan": "22.1R6.1",
"status": "unaffected",
"version": "22.1R6.1",
"versionType": "semver"
},
{
"lessThan": "22.2R4.1",
"status": "affected",
"version": "22.2R4.1",
"versionType": "semver"
},
{
"lessThan": "22.3R1.1",
"status": "affected",
"version": "22.3R1.1",
"versionType": "semver"
},
{
"lessThan": "22.4R1.1",
"status": "affected",
"version": "22.4R1.1",
"versionType": "semver"
},
{
"lessThan": "22.5R1.2",
"status": "affected",
"version": "22.5R1.2",
"versionType": "semver"
},
{
"lessThan": "22.6R1.1",
"status": "affected",
"version": "22.6R1.1",
"versionType": "semver"
},
{
"lessThan": "22.4R2.3",
"status": "affected",
"version": "22.4R2.3",
"versionType": "semver"
},
{
"lessThan": "22.5R2.3",
"status": "affected",
"version": "22.5R2.3",
"versionType": "semver"
},
{
"lessThan": "22.6R2.2",
"status": "affected",
"version": "22.6R2.2",
"versionType": "semver"
},
{
"lessThan": "22.2R4.1",
"status": "unaffected",
"version": "22.2R4.1",
"versionType": "semver"
},
{
"lessThan": "22.3R1",
"status": "unaffected",
"version": "22.3R1",
"versionType": "semver"
},
{
"lessThan": "22.4R1.1",
"status": "unaffected",
"version": "22.4R1.1",
"versionType": "semver"
},
{
"lessThan": "22.5R1.1",
"status": "unaffected",
"version": "22.5R1.1",
"versionType": "semver"
},
{
"lessThan": "22.6R1.1",
"status": "unaffected",
"version": "22.6R1.1",
"versionType": "semver"
},
{
"lessThan": "22.4R2.2",
"status": "unaffected",
"version": "22.4R2.2",
"versionType": "semver"
},
{
"lessThan": "22.5R2.2",
"status": "unaffected",
"version": "22.5R2.2",
"versionType": "semver"
},
{
"lessThan": "22.6R2.2",
"status": "unaffected",
"version": "22.6R2.2",
"versionType": "semver"
}
]
},
{
"product": "ICS",
"vendor": "Ivant ",
"versions": [
{
"lessThan": "9.1R15.3",
"status": "affected",
"version": "9.1R15.3",
"versionType": "semver"
}
]
},
{
"product": "IPS",
"vendor": "Ivanti",
"versions": [
{
"lessThan": "9.1R18.4",
"status": "affected",
"version": "9.1R18.4",
"versionType": "semver"
},
{
"lessThan": "9.1R17.3",
"status": "affected",
"version": "9.1R17.3",
"versionType": "semver"
},
{
"lessThan": "22.5R1.2",
"status": "affected",
"version": "22.5R1.2",
"versionType": "semver"
},
{
"lessThan": "9.1R18.2",
"status": "unaffected",
"version": "9.1R18.2",
"versionType": "semver"
},
{
"lessThan": "9.1R17.2",
"status": "unaffected",
"version": "9.1R17.2",
"versionType": "semver"
},
{
"lessThan": "22.5R1.1",
"status": "unaffected",
"version": "22.5R1.1",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An XML external entity or XXE vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x), Ivanti Policy Secure (9.x, 22.x) and ZTA gateways which allows an attacker to access certain restricted resources without authentication."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 8.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.0"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-02-13T04:07:04.355Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/CVE-2024-22024-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2024-22024",
"datePublished": "2024-02-13T04:07:04.355Z",
"dateReserved": "2024-01-04T01:04:06.574Z",
"dateUpdated": "2025-05-09T18:26:09.386Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-21893 (GCVE-0-2024-21893)
Vulnerability from cvelistv5 – Published: 2024-01-31 17:51 – Updated: 2025-10-21 23:05
VLAI?
Summary
A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication.
Severity ?
8.2 (High)
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:ivanti:connect_secure:9.0:-:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "connect_secure",
"vendor": "ivanti",
"versions": [
{
"status": "affected",
"version": "9.0"
}
]
},
{
"cpes": [
"cpe:2.3:a:ivanti:connect_secure:22.6:-:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "connect_secure",
"vendor": "ivanti",
"versions": [
{
"status": "affected",
"version": "22.6"
}
]
},
{
"cpes": [
"cpe:2.3:a:ivanti:policy_secure:22.3:r1:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "policy_secure",
"vendor": "ivanti",
"versions": [
{
"status": "affected",
"version": "22.3"
}
]
},
{
"cpes": [
"cpe:2.3:a:ivanti:policy_secure:22.6:r1:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "policy_secure",
"vendor": "ivanti",
"versions": [
{
"status": "affected",
"version": "22.6"
}
]
},
{
"cpes": [
"cpe:2.3:a:ivanti:policy_secure:22.5:r1:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "policy_secure",
"vendor": "ivanti",
"versions": [
{
"status": "affected",
"version": "22.5"
}
]
},
{
"cpes": [
"cpe:2.3:a:ivanti:policy_secure:22.4:r1:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "policy_secure",
"vendor": "ivanti",
"versions": [
{
"status": "affected",
"version": "22.4"
}
]
},
{
"cpes": [
"cpe:2.3:a:ivanti:connect_secure:22.1:r1:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "connect_secure",
"vendor": "ivanti",
"versions": [
{
"status": "affected",
"version": "22.1"
}
]
},
{
"cpes": [
"cpe:2.3:a:ivanti:connect_secure:22.2:-:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "connect_secure",
"vendor": "ivanti",
"versions": [
{
"status": "affected",
"version": "22.2"
}
]
},
{
"cpes": [
"cpe:2.3:a:ivanti:connect_secure:9.1:-:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "connect_secure",
"vendor": "ivanti",
"versions": [
{
"status": "affected",
"version": "9.1"
}
]
},
{
"cpes": [
"cpe:2.3:a:ivanti:connect_secure:21.9:r1:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "connect_secure",
"vendor": "ivanti",
"versions": [
{
"status": "affected",
"version": "21.9"
}
]
},
{
"cpes": [
"cpe:2.3:a:ivanti:connect_secure:21.12:r1:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "connect_secure",
"vendor": "ivanti",
"versions": [
{
"status": "affected",
"version": "21.12"
}
]
},
{
"cpes": [
"cpe:2.3:a:ivanti:policy_secure:22.2:r1:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "policy_secure",
"vendor": "ivanti",
"versions": [
{
"status": "affected",
"version": "22.2"
}
]
},
{
"cpes": [
"cpe:2.3:a:ivanti:policy_secure:22.1:r1:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "policy_secure",
"vendor": "ivanti",
"versions": [
{
"status": "affected",
"version": "22.1"
}
]
},
{
"cpes": [
"cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "policy_secure",
"vendor": "ivanti",
"versions": [
{
"status": "affected",
"version": "9.1"
}
]
},
{
"cpes": [
"cpe:2.3:a:ivanti:connect_secure:22.4:r1:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "connect_secure",
"vendor": "ivanti",
"versions": [
{
"status": "affected",
"version": "22.4"
}
]
},
{
"cpes": [
"cpe:2.3:a:ivanti:connect_secure:22.3:r1:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "connect_secure",
"vendor": "ivanti",
"versions": [
{
"status": "affected",
"version": "22.3"
}
]
},
{
"cpes": [
"cpe:2.3:a:ivanti:policy_secure:9.0:-:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "policy_secure",
"vendor": "ivanti",
"versions": [
{
"status": "affected",
"version": "9.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-21893",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-01T05:00:07.654275Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-01-31",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-21893"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:05:25.541Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-21893"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-01-31T00:00:00+00:00",
"value": "CVE-2024-21893 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:35:33.414Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ICS",
"vendor": "Ivanti",
"versions": [
{
"lessThanOrEqual": "9.1R18",
"status": "affected",
"version": "9.1R18",
"versionType": "semver"
},
{
"lessThanOrEqual": "22.6R2",
"status": "affected",
"version": "22.6R2",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "IPS",
"vendor": "Ivanti",
"versions": [
{
"lessThanOrEqual": "9.1R18",
"status": "affected",
"version": "9.1R18",
"versionType": "semver"
},
{
"lessThanOrEqual": "22.6R1",
"status": "affected",
"version": "22.6R1",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.0"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-01-31T17:51:35.095Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2024-21893",
"datePublished": "2024-01-31T17:51:35.095Z",
"dateReserved": "2024-01-03T01:04:06.539Z",
"dateUpdated": "2025-10-21T23:05:25.541Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-21888 (GCVE-0-2024-21888)
Vulnerability from cvelistv5 – Published: 2024-01-31 17:51 – Updated: 2025-06-03 18:46
VLAI?
Summary
A privilege escalation vulnerability in web component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows a user to elevate privileges to that of an administrator.
Severity ?
8.8 (High)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:ivanti:connect_secure:9.0:-:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "connect_secure",
"vendor": "ivanti",
"versions": [
{
"lessThan": "10.0",
"status": "affected",
"version": "9.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:ivanti:connect_secure:22.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "connect_secure",
"vendor": "ivanti",
"versions": [
{
"lessThan": "23.0",
"status": "affected",
"version": "22.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:ivanti:policy_secure:22.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "policy_secure",
"vendor": "ivanti",
"versions": [
{
"lessThan": "23.0",
"status": "affected",
"version": "22.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:ivanti:policy_secure:9.0:-:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "policy_secure",
"vendor": "ivanti",
"versions": [
{
"lessThan": "10.0",
"status": "affected",
"version": "9.0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-21888",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "No"
},
{
"Technical Impact": "Total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-23T17:43:32.387135Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-03T18:46:20.638Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:35:33.407Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ICS",
"vendor": "Ivanti",
"versions": [
{
"lessThanOrEqual": "9.1R18",
"status": "affected",
"version": "9.1R18",
"versionType": "semver"
},
{
"lessThanOrEqual": "22.6R2",
"status": "affected",
"version": "22.6R2",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "IPS",
"vendor": "Ivanti",
"versions": [
{
"lessThanOrEqual": "9.1R18",
"status": "affected",
"version": "9.1R18",
"versionType": "semver"
},
{
"lessThanOrEqual": "22.6R1",
"status": "affected",
"version": "22.6R1",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A privilege escalation vulnerability in web component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows a user to elevate privileges to that of an administrator. "
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-01-31T17:51:34.941Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2024-21888",
"datePublished": "2024-01-31T17:51:34.941Z",
"dateReserved": "2024-01-03T01:04:06.538Z",
"dateUpdated": "2025-06-03T18:46:20.638Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-46805 (GCVE-0-2023-46805)
Vulnerability from cvelistv5 – Published: 2024-01-12 17:02 – Updated: 2025-10-21 23:05
VLAI?
Summary
An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks.
Severity ?
8.2 (High)
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:53:21.908Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-46805",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T18:56:43.532172Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-01-10",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-46805"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:05:28.857Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-46805"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-01-10T00:00:00+00:00",
"value": "CVE-2023-46805 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ICS",
"vendor": "Ivanti",
"versions": [
{
"lessThanOrEqual": "9.1R18",
"status": "affected",
"version": "9.1R18",
"versionType": "semver"
},
{
"lessThanOrEqual": "22.6R2",
"status": "affected",
"version": "22.6R2",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "IPS",
"vendor": "Ivanti",
"versions": [
{
"lessThanOrEqual": "9.1R18",
"status": "affected",
"version": "9.1R18",
"versionType": "semver"
},
{
"lessThanOrEqual": "22.6R1",
"status": "affected",
"version": "22.6R1",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.0"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-01-22T17:06:19.758Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US"
},
{
"url": "http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2023-46805",
"datePublished": "2024-01-12T17:02:16.452Z",
"dateReserved": "2023-10-27T01:00:13.399Z",
"dateUpdated": "2025-10-21T23:05:28.857Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-21887 (GCVE-0-2024-21887)
Vulnerability from cvelistv5 – Published: 2024-01-12 17:02 – Updated: 2025-10-21 23:05
VLAI?
Summary
A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance.
Severity ?
9.1 (Critical)
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:35:33.413Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-21887",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T18:55:58.242603Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-01-10",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-21887"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:05:28.696Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-21887"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-01-10T00:00:00+00:00",
"value": "CVE-2024-21887 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ICS",
"vendor": "Ivanti",
"versions": [
{
"lessThanOrEqual": "9.1R18",
"status": "affected",
"version": "9.1R18",
"versionType": "custom"
},
{
"lessThanOrEqual": "22.6R2",
"status": "affected",
"version": "22.6R2",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "IPS",
"vendor": "Ivanti",
"versions": [
{
"lessThanOrEqual": "9.1R18",
"status": "affected",
"version": "9.1R18",
"versionType": "custom"
},
{
"lessThanOrEqual": "22.6R1",
"status": "affected",
"version": "22.6R1",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-01-22T17:06:21.273Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US"
},
{
"url": "http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2024-21887",
"datePublished": "2024-01-12T17:02:16.481Z",
"dateReserved": "2024-01-03T01:04:06.538Z",
"dateUpdated": "2025-10-21T23:05:28.696Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22024 (GCVE-0-2024-22024)
Vulnerability from nvd – Published: 2024-02-13 04:07 – Updated: 2025-05-09 18:26
VLAI?
Summary
An XML external entity or XXE vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x), Ivanti Policy Secure (9.x, 22.x) and ZTA gateways which allows an attacker to access certain restricted resources without authentication.
Severity ?
8.3 (High)
CWE
- CWE-611 - Improper Restriction of XML External Entity Reference
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Ivanti | ICS |
Affected:
9.1R14.5 , < 9.1R14.5
(semver)
Affected: 9.1R17.3 , < 9.1R17.3 (semver) Affected: 9.1R18.4 , < 9.1R18.4 (semver) Affected: 22.1R6.1 , < 22.1R6.1 (semver) Unaffected: 9.1R14.4 , < 9.1R14.4 (semver) Unaffected: 9.1R15.2 , < 9.1R15.2 (semver) Unaffected: 9.1R16.2 , < 9.1R16.2 (semver) Unaffected: 9.1R17.2 , < 9.1R17.2 (semver) Unaffected: 9.1R18.3 , < 9.1R18.3 (semver) Unaffected: 22.1R6.1 , < 22.1R6.1 (semver) Affected: 22.2R4.1 , < 22.2R4.1 (semver) Affected: 22.3R1.1 , < 22.3R1.1 (semver) Affected: 22.4R1.1 , < 22.4R1.1 (semver) Affected: 22.5R1.2 , < 22.5R1.2 (semver) Affected: 22.6R1.1 , < 22.6R1.1 (semver) Affected: 22.4R2.3 , < 22.4R2.3 (semver) Affected: 22.5R2.3 , < 22.5R2.3 (semver) Affected: 22.6R2.2 , < 22.6R2.2 (semver) Unaffected: 22.2R4.1 , < 22.2R4.1 (semver) Unaffected: 22.3R1 , < 22.3R1 (semver) Unaffected: 22.4R1.1 , < 22.4R1.1 (semver) Unaffected: 22.5R1.1 , < 22.5R1.1 (semver) Unaffected: 22.6R1.1 , < 22.6R1.1 (semver) Unaffected: 22.4R2.2 , < 22.4R2.2 (semver) Unaffected: 22.5R2.2 , < 22.5R2.2 (semver) Unaffected: 22.6R2.2 , < 22.6R2.2 (semver) |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:35:34.846Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://forums.ivanti.com/s/article/CVE-2024-22024-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22024",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-16T19:34:58.517182Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611 Improper Restriction of XML External Entity Reference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-09T18:26:09.386Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ICS",
"vendor": "Ivanti",
"versions": [
{
"lessThan": "9.1R14.5",
"status": "affected",
"version": "9.1R14.5",
"versionType": "semver"
},
{
"lessThan": "9.1R17.3",
"status": "affected",
"version": "9.1R17.3",
"versionType": "semver"
},
{
"lessThan": "9.1R18.4",
"status": "affected",
"version": "9.1R18.4",
"versionType": "semver"
},
{
"lessThan": "22.1R6.1",
"status": "affected",
"version": "22.1R6.1",
"versionType": "semver"
},
{
"lessThan": "9.1R14.4",
"status": "unaffected",
"version": "9.1R14.4",
"versionType": "semver"
},
{
"lessThan": "9.1R15.2",
"status": "unaffected",
"version": "9.1R15.2",
"versionType": "semver"
},
{
"lessThan": "9.1R16.2",
"status": "unaffected",
"version": "9.1R16.2",
"versionType": "semver"
},
{
"lessThan": "9.1R17.2",
"status": "unaffected",
"version": "9.1R17.2",
"versionType": "semver"
},
{
"lessThan": "9.1R18.3",
"status": "unaffected",
"version": "9.1R18.3",
"versionType": "semver"
},
{
"lessThan": "22.1R6.1",
"status": "unaffected",
"version": "22.1R6.1",
"versionType": "semver"
},
{
"lessThan": "22.2R4.1",
"status": "affected",
"version": "22.2R4.1",
"versionType": "semver"
},
{
"lessThan": "22.3R1.1",
"status": "affected",
"version": "22.3R1.1",
"versionType": "semver"
},
{
"lessThan": "22.4R1.1",
"status": "affected",
"version": "22.4R1.1",
"versionType": "semver"
},
{
"lessThan": "22.5R1.2",
"status": "affected",
"version": "22.5R1.2",
"versionType": "semver"
},
{
"lessThan": "22.6R1.1",
"status": "affected",
"version": "22.6R1.1",
"versionType": "semver"
},
{
"lessThan": "22.4R2.3",
"status": "affected",
"version": "22.4R2.3",
"versionType": "semver"
},
{
"lessThan": "22.5R2.3",
"status": "affected",
"version": "22.5R2.3",
"versionType": "semver"
},
{
"lessThan": "22.6R2.2",
"status": "affected",
"version": "22.6R2.2",
"versionType": "semver"
},
{
"lessThan": "22.2R4.1",
"status": "unaffected",
"version": "22.2R4.1",
"versionType": "semver"
},
{
"lessThan": "22.3R1",
"status": "unaffected",
"version": "22.3R1",
"versionType": "semver"
},
{
"lessThan": "22.4R1.1",
"status": "unaffected",
"version": "22.4R1.1",
"versionType": "semver"
},
{
"lessThan": "22.5R1.1",
"status": "unaffected",
"version": "22.5R1.1",
"versionType": "semver"
},
{
"lessThan": "22.6R1.1",
"status": "unaffected",
"version": "22.6R1.1",
"versionType": "semver"
},
{
"lessThan": "22.4R2.2",
"status": "unaffected",
"version": "22.4R2.2",
"versionType": "semver"
},
{
"lessThan": "22.5R2.2",
"status": "unaffected",
"version": "22.5R2.2",
"versionType": "semver"
},
{
"lessThan": "22.6R2.2",
"status": "unaffected",
"version": "22.6R2.2",
"versionType": "semver"
}
]
},
{
"product": "ICS",
"vendor": "Ivant ",
"versions": [
{
"lessThan": "9.1R15.3",
"status": "affected",
"version": "9.1R15.3",
"versionType": "semver"
}
]
},
{
"product": "IPS",
"vendor": "Ivanti",
"versions": [
{
"lessThan": "9.1R18.4",
"status": "affected",
"version": "9.1R18.4",
"versionType": "semver"
},
{
"lessThan": "9.1R17.3",
"status": "affected",
"version": "9.1R17.3",
"versionType": "semver"
},
{
"lessThan": "22.5R1.2",
"status": "affected",
"version": "22.5R1.2",
"versionType": "semver"
},
{
"lessThan": "9.1R18.2",
"status": "unaffected",
"version": "9.1R18.2",
"versionType": "semver"
},
{
"lessThan": "9.1R17.2",
"status": "unaffected",
"version": "9.1R17.2",
"versionType": "semver"
},
{
"lessThan": "22.5R1.1",
"status": "unaffected",
"version": "22.5R1.1",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An XML external entity or XXE vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x), Ivanti Policy Secure (9.x, 22.x) and ZTA gateways which allows an attacker to access certain restricted resources without authentication."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 8.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.0"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-02-13T04:07:04.355Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/CVE-2024-22024-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2024-22024",
"datePublished": "2024-02-13T04:07:04.355Z",
"dateReserved": "2024-01-04T01:04:06.574Z",
"dateUpdated": "2025-05-09T18:26:09.386Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-21893 (GCVE-0-2024-21893)
Vulnerability from nvd – Published: 2024-01-31 17:51 – Updated: 2025-10-21 23:05
VLAI?
Summary
A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication.
Severity ?
8.2 (High)
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:ivanti:connect_secure:9.0:-:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "connect_secure",
"vendor": "ivanti",
"versions": [
{
"status": "affected",
"version": "9.0"
}
]
},
{
"cpes": [
"cpe:2.3:a:ivanti:connect_secure:22.6:-:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "connect_secure",
"vendor": "ivanti",
"versions": [
{
"status": "affected",
"version": "22.6"
}
]
},
{
"cpes": [
"cpe:2.3:a:ivanti:policy_secure:22.3:r1:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "policy_secure",
"vendor": "ivanti",
"versions": [
{
"status": "affected",
"version": "22.3"
}
]
},
{
"cpes": [
"cpe:2.3:a:ivanti:policy_secure:22.6:r1:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "policy_secure",
"vendor": "ivanti",
"versions": [
{
"status": "affected",
"version": "22.6"
}
]
},
{
"cpes": [
"cpe:2.3:a:ivanti:policy_secure:22.5:r1:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "policy_secure",
"vendor": "ivanti",
"versions": [
{
"status": "affected",
"version": "22.5"
}
]
},
{
"cpes": [
"cpe:2.3:a:ivanti:policy_secure:22.4:r1:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "policy_secure",
"vendor": "ivanti",
"versions": [
{
"status": "affected",
"version": "22.4"
}
]
},
{
"cpes": [
"cpe:2.3:a:ivanti:connect_secure:22.1:r1:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "connect_secure",
"vendor": "ivanti",
"versions": [
{
"status": "affected",
"version": "22.1"
}
]
},
{
"cpes": [
"cpe:2.3:a:ivanti:connect_secure:22.2:-:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "connect_secure",
"vendor": "ivanti",
"versions": [
{
"status": "affected",
"version": "22.2"
}
]
},
{
"cpes": [
"cpe:2.3:a:ivanti:connect_secure:9.1:-:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "connect_secure",
"vendor": "ivanti",
"versions": [
{
"status": "affected",
"version": "9.1"
}
]
},
{
"cpes": [
"cpe:2.3:a:ivanti:connect_secure:21.9:r1:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "connect_secure",
"vendor": "ivanti",
"versions": [
{
"status": "affected",
"version": "21.9"
}
]
},
{
"cpes": [
"cpe:2.3:a:ivanti:connect_secure:21.12:r1:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "connect_secure",
"vendor": "ivanti",
"versions": [
{
"status": "affected",
"version": "21.12"
}
]
},
{
"cpes": [
"cpe:2.3:a:ivanti:policy_secure:22.2:r1:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "policy_secure",
"vendor": "ivanti",
"versions": [
{
"status": "affected",
"version": "22.2"
}
]
},
{
"cpes": [
"cpe:2.3:a:ivanti:policy_secure:22.1:r1:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "policy_secure",
"vendor": "ivanti",
"versions": [
{
"status": "affected",
"version": "22.1"
}
]
},
{
"cpes": [
"cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "policy_secure",
"vendor": "ivanti",
"versions": [
{
"status": "affected",
"version": "9.1"
}
]
},
{
"cpes": [
"cpe:2.3:a:ivanti:connect_secure:22.4:r1:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "connect_secure",
"vendor": "ivanti",
"versions": [
{
"status": "affected",
"version": "22.4"
}
]
},
{
"cpes": [
"cpe:2.3:a:ivanti:connect_secure:22.3:r1:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "connect_secure",
"vendor": "ivanti",
"versions": [
{
"status": "affected",
"version": "22.3"
}
]
},
{
"cpes": [
"cpe:2.3:a:ivanti:policy_secure:9.0:-:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "policy_secure",
"vendor": "ivanti",
"versions": [
{
"status": "affected",
"version": "9.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-21893",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-01T05:00:07.654275Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-01-31",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-21893"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:05:25.541Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-21893"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-01-31T00:00:00+00:00",
"value": "CVE-2024-21893 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:35:33.414Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ICS",
"vendor": "Ivanti",
"versions": [
{
"lessThanOrEqual": "9.1R18",
"status": "affected",
"version": "9.1R18",
"versionType": "semver"
},
{
"lessThanOrEqual": "22.6R2",
"status": "affected",
"version": "22.6R2",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "IPS",
"vendor": "Ivanti",
"versions": [
{
"lessThanOrEqual": "9.1R18",
"status": "affected",
"version": "9.1R18",
"versionType": "semver"
},
{
"lessThanOrEqual": "22.6R1",
"status": "affected",
"version": "22.6R1",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.0"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-01-31T17:51:35.095Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2024-21893",
"datePublished": "2024-01-31T17:51:35.095Z",
"dateReserved": "2024-01-03T01:04:06.539Z",
"dateUpdated": "2025-10-21T23:05:25.541Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-21888 (GCVE-0-2024-21888)
Vulnerability from nvd – Published: 2024-01-31 17:51 – Updated: 2025-06-03 18:46
VLAI?
Summary
A privilege escalation vulnerability in web component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows a user to elevate privileges to that of an administrator.
Severity ?
8.8 (High)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:ivanti:connect_secure:9.0:-:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "connect_secure",
"vendor": "ivanti",
"versions": [
{
"lessThan": "10.0",
"status": "affected",
"version": "9.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:ivanti:connect_secure:22.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "connect_secure",
"vendor": "ivanti",
"versions": [
{
"lessThan": "23.0",
"status": "affected",
"version": "22.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:ivanti:policy_secure:22.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "policy_secure",
"vendor": "ivanti",
"versions": [
{
"lessThan": "23.0",
"status": "affected",
"version": "22.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:ivanti:policy_secure:9.0:-:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "policy_secure",
"vendor": "ivanti",
"versions": [
{
"lessThan": "10.0",
"status": "affected",
"version": "9.0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-21888",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "No"
},
{
"Technical Impact": "Total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-23T17:43:32.387135Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-03T18:46:20.638Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:35:33.407Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ICS",
"vendor": "Ivanti",
"versions": [
{
"lessThanOrEqual": "9.1R18",
"status": "affected",
"version": "9.1R18",
"versionType": "semver"
},
{
"lessThanOrEqual": "22.6R2",
"status": "affected",
"version": "22.6R2",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "IPS",
"vendor": "Ivanti",
"versions": [
{
"lessThanOrEqual": "9.1R18",
"status": "affected",
"version": "9.1R18",
"versionType": "semver"
},
{
"lessThanOrEqual": "22.6R1",
"status": "affected",
"version": "22.6R1",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A privilege escalation vulnerability in web component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows a user to elevate privileges to that of an administrator. "
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-01-31T17:51:34.941Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2024-21888",
"datePublished": "2024-01-31T17:51:34.941Z",
"dateReserved": "2024-01-03T01:04:06.538Z",
"dateUpdated": "2025-06-03T18:46:20.638Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-46805 (GCVE-0-2023-46805)
Vulnerability from nvd – Published: 2024-01-12 17:02 – Updated: 2025-10-21 23:05
VLAI?
Summary
An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks.
Severity ?
8.2 (High)
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:53:21.908Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-46805",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T18:56:43.532172Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-01-10",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-46805"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:05:28.857Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-46805"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-01-10T00:00:00+00:00",
"value": "CVE-2023-46805 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ICS",
"vendor": "Ivanti",
"versions": [
{
"lessThanOrEqual": "9.1R18",
"status": "affected",
"version": "9.1R18",
"versionType": "semver"
},
{
"lessThanOrEqual": "22.6R2",
"status": "affected",
"version": "22.6R2",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "IPS",
"vendor": "Ivanti",
"versions": [
{
"lessThanOrEqual": "9.1R18",
"status": "affected",
"version": "9.1R18",
"versionType": "semver"
},
{
"lessThanOrEqual": "22.6R1",
"status": "affected",
"version": "22.6R1",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.0"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-01-22T17:06:19.758Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US"
},
{
"url": "http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2023-46805",
"datePublished": "2024-01-12T17:02:16.452Z",
"dateReserved": "2023-10-27T01:00:13.399Z",
"dateUpdated": "2025-10-21T23:05:28.857Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-21887 (GCVE-0-2024-21887)
Vulnerability from nvd – Published: 2024-01-12 17:02 – Updated: 2025-10-21 23:05
VLAI?
Summary
A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance.
Severity ?
9.1 (Critical)
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:35:33.413Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-21887",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T18:55:58.242603Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-01-10",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-21887"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:05:28.696Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-21887"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-01-10T00:00:00+00:00",
"value": "CVE-2024-21887 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ICS",
"vendor": "Ivanti",
"versions": [
{
"lessThanOrEqual": "9.1R18",
"status": "affected",
"version": "9.1R18",
"versionType": "custom"
},
{
"lessThanOrEqual": "22.6R2",
"status": "affected",
"version": "22.6R2",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "IPS",
"vendor": "Ivanti",
"versions": [
{
"lessThanOrEqual": "9.1R18",
"status": "affected",
"version": "9.1R18",
"versionType": "custom"
},
{
"lessThanOrEqual": "22.6R1",
"status": "affected",
"version": "22.6R1",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-01-22T17:06:21.273Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US"
},
{
"url": "http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2024-21887",
"datePublished": "2024-01-12T17:02:16.481Z",
"dateReserved": "2024-01-03T01:04:06.538Z",
"dateUpdated": "2025-10-21T23:05:28.696Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}