Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-12058 (GCVE-0-2024-12058)
Vulnerability from cvelistv5 – Published: 2025-02-11 15:21 – Updated: 2025-02-11 15:35
VLAI
EPSS
Summary
External control of a file name in Ivanti Connect Secure before version 22.7R2.6 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticated attacker with admin privileges to read arbitrary files.
Severity
6.8 (Medium)
CWE
- CWE-73 - External Control of File Name or Path
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Ivanti | Connect Secure |
Unaffected:
22.7R2.6
(custom)
|
|
| Ivanti | Policy Secure |
Unaffected:
22.7R1.3
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-12058",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-11T15:32:02.167372Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-11T15:35:20.850Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Connect Secure",
"vendor": "Ivanti",
"versions": [
{
"status": "unaffected",
"version": "22.7R2.6",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "Policy Secure",
"vendor": "Ivanti",
"versions": [
{
"status": "unaffected",
"version": "22.7R1.3",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eExternal control of a file name in Ivanti Connect Secure before version 22.7R2.6 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticated attacker with admin privileges to read arbitrary files.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e"
}
],
"value": "External control of a file name in Ivanti Connect Secure before version 22.7R2.6 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticated attacker with admin privileges to read arbitrary files."
}
],
"impacts": [
{
"capecId": "CAPEC-137",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-137 Parameter Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-73",
"description": "CWE-73: External Control of File Name or Path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-11T15:21:18.279Z",
"orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"shortName": "ivanti"
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"assignerShortName": "ivanti",
"cveId": "CVE-2024-12058",
"datePublished": "2025-02-11T15:21:18.279Z",
"dateReserved": "2024-12-02T20:28:49.218Z",
"dateUpdated": "2025-02-11T15:35:20.850Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-12058",
"date": "2026-05-27",
"epss": "0.01228",
"percentile": "0.79402"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-12058\",\"sourceIdentifier\":\"3c1d8aa1-5a33-4ea4-8992-aadd6440af75\",\"published\":\"2025-02-11T16:15:38.663\",\"lastModified\":\"2025-07-16T16:00:23.297\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"External control of a file name in Ivanti Connect Secure before version 22.7R2.6 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticated attacker with admin privileges to read arbitrary files.\"},{\"lang\":\"es\",\"value\":\"El control externo de un nombre de archivo en Ivanti Connect Secure anterior a la versi\u00f3n 22.7R2.6 e Ivanti Policy Secure anterior a la versi\u00f3n 22.7R1.3 permite que un atacante remoto autenticado con privilegios de administrador lea archivos arbitrarios.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"3c1d8aa1-5a33-4ea4-8992-aadd6440af75\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N\",\"baseScore\":6.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.3,\"impactScore\":4.0},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":4.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.2,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"3c1d8aa1-5a33-4ea4-8992-aadd6440af75\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-73\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:*:-:*:*:*:*:*:*\",\"versionEndExcluding\":\"22.7\",\"matchCriteriaId\":\"A0EC2FCD-5402-4269-B86A-18F8DFB8F2C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:22.7:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"F788F6D9-5368-4B8E-BFA0-E8FB3CDADB01\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:22.7:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"2927A40D-E8A3-4DB6-9C93-04A6C6035C3D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:22.7:r1.1:*:*:*:*:*:*\",\"matchCriteriaId\":\"1399BBB4-E62B-4FF6-B9E3-6AAC68D4D583\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:22.7:r1.2:*:*:*:*:*:*\",\"matchCriteriaId\":\"1EAD1423-4477-4C35-BF93-697A2C0697C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:22.7:r1.3:*:*:*:*:*:*\",\"matchCriteriaId\":\"858353BC-12CB-4014-BFCA-DA7B1B3DD4B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:22.7:r1.4:*:*:*:*:*:*\",\"matchCriteriaId\":\"865F72BF-57B2-4B0C-BACE-3500E0AE6751\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:22.7:r1.5:*:*:*:*:*:*\",\"matchCriteriaId\":\"39E11407-E0C0-454F-B731-7DA4CBC696EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"247E71F8-A03B-4097-B7BF-09F8BF3ED4D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:22.7:r2.1:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0059C69-4A18-4153-9D9A-5C1B03AD1453\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:22.7:r2.2:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC523C88-115E-4CD9-A8CB-AE6E6610F7D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:22.7:r2.3:*:*:*:*:*:*\",\"matchCriteriaId\":\"3447428E-DBCD-4553-B51D-AC08ECAFD881\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:22.7:r2.4:*:*:*:*:*:*\",\"matchCriteriaId\":\"A08BAF98-7F05-4596-8BFC-91F1A79D3BD1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:22.7:r2.5:*:*:*:*:*:*\",\"matchCriteriaId\":\"40717D97-A062-49C4-B105-C22AAC3A206A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"22.7\",\"matchCriteriaId\":\"FAD0FC91-CA1E-4DC3-A37E-1BF98906D07C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:policy_secure:22.7:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F22B988-2585-4853-9838-AB3746C8B888\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:policy_secure:22.7:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD9BE8C2-43EB-4870-A4B7-267CB17A19F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:policy_secure:22.7:r1.1:*:*:*:*:*:*\",\"matchCriteriaId\":\"C8915BB2-C1C0-4189-A847-DDB2EF161D62\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:policy_secure:22.7:r1.2:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D24A8DB-D697-4C60-935D-B08EE36861CB\"}]}]}],\"references\":[{\"url\":\"https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs\",\"source\":\"3c1d8aa1-5a33-4ea4-8992-aadd6440af75\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-12058\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-11T15:32:02.167372Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-11T15:33:18.381Z\"}}], \"cna\": {\"source\": {\"discovery\": \"UNKNOWN\"}, \"impacts\": [{\"capecId\": \"CAPEC-137\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-137 Parameter Injection\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 6.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Ivanti\", \"product\": \"Connect Secure\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"22.7R2.6\", \"versionType\": \"custom\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"Ivanti\", \"product\": \"Policy Secure\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"22.7R1.3\", \"versionType\": \"custom\"}], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"External control of a file name in Ivanti Connect Secure before version 22.7R2.6 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticated attacker with admin privileges to read arbitrary files.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003eExternal control of a file name in Ivanti Connect Secure before version 22.7R2.6 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticated attacker with admin privileges to read arbitrary files.\u003c/span\u003e\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003e\u0026nbsp;\u003c/span\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-73\", \"description\": \"CWE-73: External Control of File Name or Path\"}]}], \"providerMetadata\": {\"orgId\": \"3c1d8aa1-5a33-4ea4-8992-aadd6440af75\", \"shortName\": \"ivanti\", \"dateUpdated\": \"2025-02-11T15:21:18.279Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-12058\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-02-11T15:35:20.850Z\", \"dateReserved\": \"2024-12-02T20:28:49.218Z\", \"assignerOrgId\": \"3c1d8aa1-5a33-4ea4-8992-aadd6440af75\", \"datePublished\": \"2025-02-11T15:21:18.279Z\", \"assignerShortName\": \"ivanti\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
CERTFR-2025-AVI-0121
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Ivanti. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à la confidentialité des données et une atteinte à l'intégrité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Ivanti | Connect Secure (ICS) | Connect Secure versions antérieures à 22.7R2.6 | ||
| Ivanti | Neurons for MDM (N-MDM) | Neurons for MDM (N-MDM) versions antérieures à R110 | ||
| Ivanti | Secure Access Client (ISAC) | Secure Access Client versions antérieures à 22.8R1 | ||
| Ivanti | Cloud Service Application (CSA) | Cloud Services Application versions antérieures à 5.0.5 | ||
| Ivanti | Policy Secure (IPS) | Policy Secure versions antérieures à 22.7R1.3 |
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Connect Secure versions ant\u00e9rieures \u00e0 22.7R2.6",
"product": {
"name": "Connect Secure (ICS)",
"vendor": {
"name": "Ivanti",
"scada": false
}
}
},
{
"description": "Neurons for MDM (N-MDM) versions ant\u00e9rieures \u00e0 R110",
"product": {
"name": "Neurons for MDM (N-MDM)",
"vendor": {
"name": "Ivanti",
"scada": false
}
}
},
{
"description": "Secure Access Client versions ant\u00e9rieures \u00e0 22.8R1",
"product": {
"name": "Secure Access Client (ISAC)",
"vendor": {
"name": "Ivanti",
"scada": false
}
}
},
{
"description": "Cloud Services Application versions ant\u00e9rieures \u00e0 5.0.5 ",
"product": {
"name": "Cloud Service Application (CSA)",
"vendor": {
"name": "Ivanti",
"scada": false
}
}
},
{
"description": "Policy Secure versions ant\u00e9rieures \u00e0 22.7R1.3",
"product": {
"name": "Policy Secure (IPS)",
"vendor": {
"name": "Ivanti",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-13843",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13843"
},
{
"name": "CVE-2024-13830",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13830"
},
{
"name": "CVE-2024-38657",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38657"
},
{
"name": "CVE-2024-10644",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10644"
},
{
"name": "CVE-2024-13842",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13842"
},
{
"name": "CVE-2025-22467",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22467"
},
{
"name": "CVE-2024-11771",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11771"
},
{
"name": "CVE-2024-13813",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13813"
},
{
"name": "CVE-2024-12058",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12058"
},
{
"name": "CVE-2024-47908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47908"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0121",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-02-12T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Ivanti. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Ivanti",
"vendor_advisories": [
{
"published_at": "2025-02-11",
"title": "Bulletin de s\u00e9curit\u00e9 Ivanti Security-Advisory-Ivanti-Neurons-for-MDM-N-MDM",
"url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Neurons-for-MDM-N-MDM"
},
{
"published_at": "2025-02-11",
"title": "Bulletin de s\u00e9curit\u00e9 Ivanti february-security-update",
"url": "https://www.ivanti.com/blog/february-security-update"
},
{
"published_at": "2025-02-11",
"title": "Bulletin de s\u00e9curit\u00e9 Ivanti February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs",
"url": "https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
},
{
"published_at": "2025-02-11",
"title": "Bulletin de s\u00e9curit\u00e9 Ivanti Security-Advisory-Ivanti-Cloud-Services-Application-CSA-CVE-2024-47908-CVE-2024-11771",
"url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Cloud-Services-Application-CSA-CVE-2024-47908-CVE-2024-11771"
}
]
}
CERTFR-2025-AVI-0121
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Ivanti. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à la confidentialité des données et une atteinte à l'intégrité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Ivanti | Connect Secure (ICS) | Connect Secure versions antérieures à 22.7R2.6 | ||
| Ivanti | Neurons for MDM (N-MDM) | Neurons for MDM (N-MDM) versions antérieures à R110 | ||
| Ivanti | Secure Access Client (ISAC) | Secure Access Client versions antérieures à 22.8R1 | ||
| Ivanti | Cloud Service Application (CSA) | Cloud Services Application versions antérieures à 5.0.5 | ||
| Ivanti | Policy Secure (IPS) | Policy Secure versions antérieures à 22.7R1.3 |
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Connect Secure versions ant\u00e9rieures \u00e0 22.7R2.6",
"product": {
"name": "Connect Secure (ICS)",
"vendor": {
"name": "Ivanti",
"scada": false
}
}
},
{
"description": "Neurons for MDM (N-MDM) versions ant\u00e9rieures \u00e0 R110",
"product": {
"name": "Neurons for MDM (N-MDM)",
"vendor": {
"name": "Ivanti",
"scada": false
}
}
},
{
"description": "Secure Access Client versions ant\u00e9rieures \u00e0 22.8R1",
"product": {
"name": "Secure Access Client (ISAC)",
"vendor": {
"name": "Ivanti",
"scada": false
}
}
},
{
"description": "Cloud Services Application versions ant\u00e9rieures \u00e0 5.0.5 ",
"product": {
"name": "Cloud Service Application (CSA)",
"vendor": {
"name": "Ivanti",
"scada": false
}
}
},
{
"description": "Policy Secure versions ant\u00e9rieures \u00e0 22.7R1.3",
"product": {
"name": "Policy Secure (IPS)",
"vendor": {
"name": "Ivanti",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-13843",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13843"
},
{
"name": "CVE-2024-13830",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13830"
},
{
"name": "CVE-2024-38657",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38657"
},
{
"name": "CVE-2024-10644",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10644"
},
{
"name": "CVE-2024-13842",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13842"
},
{
"name": "CVE-2025-22467",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22467"
},
{
"name": "CVE-2024-11771",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11771"
},
{
"name": "CVE-2024-13813",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13813"
},
{
"name": "CVE-2024-12058",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12058"
},
{
"name": "CVE-2024-47908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47908"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0121",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-02-12T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Ivanti. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Ivanti",
"vendor_advisories": [
{
"published_at": "2025-02-11",
"title": "Bulletin de s\u00e9curit\u00e9 Ivanti Security-Advisory-Ivanti-Neurons-for-MDM-N-MDM",
"url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Neurons-for-MDM-N-MDM"
},
{
"published_at": "2025-02-11",
"title": "Bulletin de s\u00e9curit\u00e9 Ivanti february-security-update",
"url": "https://www.ivanti.com/blog/february-security-update"
},
{
"published_at": "2025-02-11",
"title": "Bulletin de s\u00e9curit\u00e9 Ivanti February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs",
"url": "https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
},
{
"published_at": "2025-02-11",
"title": "Bulletin de s\u00e9curit\u00e9 Ivanti Security-Advisory-Ivanti-Cloud-Services-Application-CSA-CVE-2024-47908-CVE-2024-11771",
"url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Cloud-Services-Application-CSA-CVE-2024-47908-CVE-2024-11771"
}
]
}
BDU:2025-05392
Vulnerability from fstec - Published: 11.02.2025
VLAI
Title
Уязвимость средств контроля сетевого доступа Ivanti Connect Secure и Ivanti Policy Secure, связанная с некорректным внешним управлением именем или путем файла, позволяющая нарушителю записывать произвольные файлы
Description
Уязвимость средств контроля сетевого доступа Ivanti Connect Secure и Ivanti Policy Secure связана с некорректным внешним управлением именем или путем файла. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, записывать произвольные файлы
Severity
Vendor
Ivanti
Software Name
Policy Secure, Connect Secure
Software Version
до 22.7R1.3 (Policy Secure), до 22.7R2.6 (Connect Secure)
Possible Mitigations
Использование рекомендаций производителя:
https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs
Reference
https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs
https://vuldb.com/ru/?id.295255
CWE
CWE-73
{
"CVSS 2.0": "AV:N/AC:L/Au:S/C:C/I:N/A:N",
"CVSS 3.0": "AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Ivanti",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u0434\u043e 22.7R1.3 (Policy Secure), \u0434\u043e 22.7R2.6 (Connect Secure)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f:\nhttps://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "11.02.2025",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "12.05.2025",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "12.05.2025",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2025-05392",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2024-12058",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Policy Secure, Connect Secure",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0440\u0435\u0434\u0441\u0442\u0432 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 Ivanti Connect Secure \u0438 Ivanti Policy Secure, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u044b\u043c \u0432\u043d\u0435\u0448\u043d\u0438\u043c \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u0438\u043c\u0435\u043d\u0435\u043c \u0438\u043b\u0438 \u043f\u0443\u0442\u0435\u043c \u0444\u0430\u0439\u043b\u0430, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0412\u043d\u0435\u0448\u043d\u0435\u0435 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0438\u043c\u0435\u043d\u0435\u043c \u0438\u043b\u0438 \u043f\u0443\u0442\u0435\u043c \u0444\u0430\u0439\u043b\u0430 (CWE-73)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0440\u0435\u0434\u0441\u0442\u0432 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 Ivanti Connect Secure \u0438 Ivanti Policy Secure \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u044b\u043c \u0432\u043d\u0435\u0448\u043d\u0438\u043c \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u0438\u043c\u0435\u043d\u0435\u043c \u0438\u043b\u0438 \u043f\u0443\u0442\u0435\u043c \u0444\u0430\u0439\u043b\u0430. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs\nhttps://vuldb.com/ru/?id.295255",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e \u0437\u0430\u0449\u0438\u0442\u044b, \u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c, \u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-73",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,8)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,8)"
}
FKIE_CVE-2024-12058
Vulnerability from fkie_nvd - Published: 2025-02-11 16:15 - Updated: 2025-07-16 16:00
Severity
6.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
External control of a file name in Ivanti Connect Secure before version 22.7R2.6 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticated attacker with admin privileges to read arbitrary files.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ivanti | connect_secure | * | |
| ivanti | connect_secure | 22.7 | |
| ivanti | connect_secure | 22.7 | |
| ivanti | connect_secure | 22.7 | |
| ivanti | connect_secure | 22.7 | |
| ivanti | connect_secure | 22.7 | |
| ivanti | connect_secure | 22.7 | |
| ivanti | connect_secure | 22.7 | |
| ivanti | connect_secure | 22.7 | |
| ivanti | connect_secure | 22.7 | |
| ivanti | connect_secure | 22.7 | |
| ivanti | connect_secure | 22.7 | |
| ivanti | connect_secure | 22.7 | |
| ivanti | connect_secure | 22.7 | |
| ivanti | policy_secure | * | |
| ivanti | policy_secure | 22.7 | |
| ivanti | policy_secure | 22.7 | |
| ivanti | policy_secure | 22.7 | |
| ivanti | policy_secure | 22.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ivanti:connect_secure:*:-:*:*:*:*:*:*",
"matchCriteriaId": "A0EC2FCD-5402-4269-B86A-18F8DFB8F2C9",
"versionEndExcluding": "22.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:-:*:*:*:*:*:*",
"matchCriteriaId": "F788F6D9-5368-4B8E-BFA0-E8FB3CDADB01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1:*:*:*:*:*:*",
"matchCriteriaId": "2927A40D-E8A3-4DB6-9C93-04A6C6035C3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.1:*:*:*:*:*:*",
"matchCriteriaId": "1399BBB4-E62B-4FF6-B9E3-6AAC68D4D583",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.2:*:*:*:*:*:*",
"matchCriteriaId": "1EAD1423-4477-4C35-BF93-697A2C0697C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.3:*:*:*:*:*:*",
"matchCriteriaId": "858353BC-12CB-4014-BFCA-DA7B1B3DD4B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.4:*:*:*:*:*:*",
"matchCriteriaId": "865F72BF-57B2-4B0C-BACE-3500E0AE6751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.5:*:*:*:*:*:*",
"matchCriteriaId": "39E11407-E0C0-454F-B731-7DA4CBC696EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:*",
"matchCriteriaId": "247E71F8-A03B-4097-B7BF-09F8BF3ED4D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.1:*:*:*:*:*:*",
"matchCriteriaId": "E0059C69-4A18-4153-9D9A-5C1B03AD1453",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.2:*:*:*:*:*:*",
"matchCriteriaId": "FC523C88-115E-4CD9-A8CB-AE6E6610F7D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.3:*:*:*:*:*:*",
"matchCriteriaId": "3447428E-DBCD-4553-B51D-AC08ECAFD881",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.4:*:*:*:*:*:*",
"matchCriteriaId": "A08BAF98-7F05-4596-8BFC-91F1A79D3BD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.5:*:*:*:*:*:*",
"matchCriteriaId": "40717D97-A062-49C4-B105-C22AAC3A206A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FAD0FC91-CA1E-4DC3-A37E-1BF98906D07C",
"versionEndExcluding": "22.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:-:*:*:*:*:*:*",
"matchCriteriaId": "1F22B988-2585-4853-9838-AB3746C8B888",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1:*:*:*:*:*:*",
"matchCriteriaId": "FD9BE8C2-43EB-4870-A4B7-267CB17A19F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.1:*:*:*:*:*:*",
"matchCriteriaId": "C8915BB2-C1C0-4189-A847-DDB2EF161D62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.2:*:*:*:*:*:*",
"matchCriteriaId": "8D24A8DB-D697-4C60-935D-B08EE36861CB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "External control of a file name in Ivanti Connect Secure before version 22.7R2.6 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticated attacker with admin privileges to read arbitrary files."
},
{
"lang": "es",
"value": "El control externo de un nombre de archivo en Ivanti Connect Secure anterior a la versi\u00f3n 22.7R2.6 e Ivanti Policy Secure anterior a la versi\u00f3n 22.7R1.3 permite que un atacante remoto autenticado con privilegios de administrador lea archivos arbitrarios."
}
],
"id": "CVE-2024-12058",
"lastModified": "2025-07-16T16:00:23.297",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 4.0,
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-02-11T16:15:38.663",
"references": [
{
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"tags": [
"Vendor Advisory"
],
"url": "https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
}
],
"sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-73"
}
],
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"type": "Secondary"
}
]
}
GHSA-G8JX-GXQ8-GG28
Vulnerability from github – Published: 2025-02-11 18:31 – Updated: 2025-02-11 18:31
VLAI
Details
External control of a file name in Ivanti Connect Secure before version 22.7R2.6 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticated attacker with admin privileges to read arbitrary files.
Severity
6.8 (Medium)
{
"affected": [],
"aliases": [
"CVE-2024-12058"
],
"database_specific": {
"cwe_ids": [
"CWE-73"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-02-11T16:15:38Z",
"severity": "MODERATE"
},
"details": "External control of a file name in Ivanti Connect Secure before version 22.7R2.6 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticated attacker with admin privileges to read arbitrary files.",
"id": "GHSA-g8jx-gxq8-gg28",
"modified": "2025-02-11T18:31:34Z",
"published": "2025-02-11T18:31:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12058"
},
{
"type": "WEB",
"url": "https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
NCSC-2025-0052
Vulnerability from csaf_ncscnl - Published: 2025-02-12 09:35 - Updated: 2025-02-12 09:35Summary
Kwetsbaarheden verholpen in Ivanti Connect Secure en Ivanti Policy Secure
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten: Ivanti heeft kwetsbaarheden verholpen in Connect Secure en Policy Secure.
Interpretaties: De meest urgente kwetsbaarheden omvatten een buffer overflow, commando-injectie en code-injectie. Deze kwetsbaarheden stellen remote geauthenticeerde aanvallers in staat om op afstand code uit te voeren, ongeautoriseerde toegang te krijgen tot gevoelige informatie en bestanden op het systeem te verwijderen.
Oplossingen: Ivanti heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans: medium
Schade: high
CWE-732: Incorrect Permission Assignment for Critical Resource
CWE-312: Cleartext Storage of Sensitive Information
CWE-321: Use of Hard-coded Cryptographic Key
CWE-94: Improper Control of Generation of Code ('Code Injection')
CWE-121: Stack-based Buffer Overflow
CWE-73: External Control of File Name or Path
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
9.1 (Critical)
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
connect_secure
ivanti
|
cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*
|
— | |
|
policy_secure
ivanti
|
cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*
|
— |
6.8 (Medium)
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
connect_secure
ivanti
|
cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*
|
— | |
|
policy_secure
ivanti
|
cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*
|
— |
7.1 (High)
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
connect_secure
ivanti
|
cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*
|
— | |
|
policy_secure
ivanti
|
cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*
|
— |
6.1 (Medium)
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
connect_secure
ivanti
|
cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*
|
— | |
|
policy_secure
ivanti
|
cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*
|
— |
6.0 (Medium)
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
connect_secure
ivanti
|
cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*
|
— | |
|
policy_secure
ivanti
|
cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*
|
— |
6.0 (Medium)
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
connect_secure
ivanti
|
cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*
|
— | |
|
policy_secure
ivanti
|
cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*
|
— |
CWE-73
- External Control of File Name or Path
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
connect_secure
ivanti
|
cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*
|
— | |
|
policy_secure
ivanti
|
cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*
|
— |
9.9 (Critical)
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
connect_secure
ivanti
|
cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*
|
— | |
|
policy_secure
ivanti
|
cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*
|
— |
References
9 references
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Ivanti heeft kwetsbaarheden verholpen in Connect Secure en Policy Secure.",
"title": "Feiten"
},
{
"category": "description",
"text": "De meest urgente kwetsbaarheden omvatten een buffer overflow, commando-injectie en code-injectie. Deze kwetsbaarheden stellen remote geauthenticeerde aanvallers in staat om op afstand code uit te voeren, ongeautoriseerde toegang te krijgen tot gevoelige informatie en bestanden op het systeem te verwijderen.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Ivanti heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Incorrect Permission Assignment for Critical Resource",
"title": "CWE-732"
},
{
"category": "general",
"text": "Cleartext Storage of Sensitive Information",
"title": "CWE-312"
},
{
"category": "general",
"text": "Use of Hard-coded Cryptographic Key",
"title": "CWE-321"
},
{
"category": "general",
"text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"title": "CWE-94"
},
{
"category": "general",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "general",
"text": "External Control of File Name or Path",
"title": "CWE-73"
},
{
"category": "general",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference - cveprojectv5; nvd",
"url": "https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
}
],
"title": "Kwetsbaarheden verholpen in Ivanti Connect Secure en Ivanti Policy Secure",
"tracking": {
"current_release_date": "2025-02-12T09:35:30.260596Z",
"id": "NCSC-2025-0052",
"initial_release_date": "2025-02-12T09:35:30.260596Z",
"revision_history": [
{
"date": "2025-02-12T09:35:30.260596Z",
"number": "0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "connect_secure",
"product": {
"name": "connect_secure",
"product_id": "CSAFPID-505697",
"product_identification_helper": {
"cpe": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "policy_secure",
"product": {
"name": "policy_secure",
"product_id": "CSAFPID-505693",
"product_identification_helper": {
"cpe": "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*"
}
}
}
],
"category": "vendor",
"name": "ivanti"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-10644",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"title": "CWE-94"
}
],
"product_status": {
"known_affected": [
"CSAFPID-505697",
"CSAFPID-505693"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-10644",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-10644.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-505697",
"CSAFPID-505693"
]
}
],
"title": "CVE-2024-10644"
},
{
"cve": "CVE-2024-12058",
"cwe": {
"id": "CWE-73",
"name": "External Control of File Name or Path"
},
"notes": [
{
"category": "other",
"text": "External Control of File Name or Path",
"title": "CWE-73"
}
],
"product_status": {
"known_affected": [
"CSAFPID-505697",
"CSAFPID-505693"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-12058",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-12058.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-505697",
"CSAFPID-505693"
]
}
],
"title": "CVE-2024-12058"
},
{
"cve": "CVE-2024-13813",
"cwe": {
"id": "CWE-732",
"name": "Incorrect Permission Assignment for Critical Resource"
},
"notes": [
{
"category": "other",
"text": "Incorrect Permission Assignment for Critical Resource",
"title": "CWE-732"
}
],
"product_status": {
"known_affected": [
"CSAFPID-505697",
"CSAFPID-505693"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-13813",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-13813.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-505697",
"CSAFPID-505693"
]
}
],
"title": "CVE-2024-13813"
},
{
"cve": "CVE-2024-13830",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
}
],
"product_status": {
"known_affected": [
"CSAFPID-505697",
"CSAFPID-505693"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-13830",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-13830.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-505697",
"CSAFPID-505693"
]
}
],
"title": "CVE-2024-13830"
},
{
"cve": "CVE-2024-13842",
"cwe": {
"id": "CWE-321",
"name": "Use of Hard-coded Cryptographic Key"
},
"notes": [
{
"category": "other",
"text": "Use of Hard-coded Cryptographic Key",
"title": "CWE-321"
}
],
"product_status": {
"known_affected": [
"CSAFPID-505697",
"CSAFPID-505693"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-13842",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-13842.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-505697",
"CSAFPID-505693"
]
}
],
"title": "CVE-2024-13842"
},
{
"cve": "CVE-2024-13843",
"cwe": {
"id": "CWE-312",
"name": "Cleartext Storage of Sensitive Information"
},
"notes": [
{
"category": "other",
"text": "Cleartext Storage of Sensitive Information",
"title": "CWE-312"
}
],
"product_status": {
"known_affected": [
"CSAFPID-505697",
"CSAFPID-505693"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-13843",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-13843.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-505697",
"CSAFPID-505693"
]
}
],
"title": "CVE-2024-13843"
},
{
"cve": "CVE-2024-38657",
"cwe": {
"id": "CWE-73",
"name": "External Control of File Name or Path"
},
"notes": [
{
"category": "other",
"text": "External Control of File Name or Path",
"title": "CWE-73"
}
],
"product_status": {
"known_affected": [
"CSAFPID-505697",
"CSAFPID-505693"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38657",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38657.json"
}
],
"title": "CVE-2024-38657"
},
{
"cve": "CVE-2025-22467",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
}
],
"product_status": {
"known_affected": [
"CSAFPID-505697",
"CSAFPID-505693"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-22467",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-22467.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-505697",
"CSAFPID-505693"
]
}
],
"title": "CVE-2025-22467"
}
]
}
WID-SEC-W-2025-0351
Vulnerability from csaf_certbund - Published: 2025-02-11 23:00 - Updated: 2025-02-11 23:00Summary
Ivanti Connect Secure, Policy Secure und Secure Access Client: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Connect Secure bietet TLS- und mobile VPN-Lösungen.
Ivanti Policy Secure ist eine Network Access Control (NAC) Lösung.
Der Ivanti Secure Access Client ist ein VPN Client für Ivanti Connect Secure.
Angriff: Ein Angreifer kann mehrere Schwachstellen in Ivanti Connect Secure, Ivanti Policy Secure und Ivanti Secure Access Client ausnutzen, um seine Rechte zu erweitern, beliebigen Code auszuführen, Daten zu manipulieren und vertrauliche Informationen preiszugeben.
Betroffene Betriebssysteme: - Sonstiges
- Windows
Es bestehen mehrere Schwachstellen in Ivanti Connect Secure und Ivanti Policy Secure. Diese Schwachstellen bestehen aufgrund mehrerer Sicherheitsprobleme, darunter die externe Kontrolle von Dateinamen, ein reflektiertes xss, ein hartkodierter Schlüssel oder im Klartextformat gespeicherte Informationen. Ein Angreifer kann diese Schwachstellen ausnutzen, um erhöhte Rechte zu erlangen - sogar administrative Rechte, um beliebigen Code auszuführen, Daten zu manipulieren und vertrauliche Informationen preiszugeben. Einige der Schwachstellen erfordern ein bestimmtes Maß an Berechtigung oder Benutzerinteraktion, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Ivanti Policy Secure <22.7R1.3
Ivanti / Policy Secure
|
<22.7R1.3 | ||
|
Ivanti Connect Secure <22.7R2.6
Ivanti / Connect Secure
|
<22.7R2.6 |
Es bestehen mehrere Schwachstellen in Ivanti Connect Secure und Ivanti Policy Secure. Diese Schwachstellen bestehen aufgrund mehrerer Sicherheitsprobleme, darunter die externe Kontrolle von Dateinamen, ein reflektiertes xss, ein hartkodierter Schlüssel oder im Klartextformat gespeicherte Informationen. Ein Angreifer kann diese Schwachstellen ausnutzen, um erhöhte Rechte zu erlangen - sogar administrative Rechte, um beliebigen Code auszuführen, Daten zu manipulieren und vertrauliche Informationen preiszugeben. Einige der Schwachstellen erfordern ein bestimmtes Maß an Berechtigung oder Benutzerinteraktion, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Ivanti Policy Secure <22.7R1.3
Ivanti / Policy Secure
|
<22.7R1.3 | ||
|
Ivanti Connect Secure <22.7R2.6
Ivanti / Connect Secure
|
<22.7R2.6 |
Es bestehen mehrere Schwachstellen in Ivanti Connect Secure und Ivanti Policy Secure. Diese Schwachstellen bestehen aufgrund mehrerer Sicherheitsprobleme, darunter die externe Kontrolle von Dateinamen, ein reflektiertes xss, ein hartkodierter Schlüssel oder im Klartextformat gespeicherte Informationen. Ein Angreifer kann diese Schwachstellen ausnutzen, um erhöhte Rechte zu erlangen - sogar administrative Rechte, um beliebigen Code auszuführen, Daten zu manipulieren und vertrauliche Informationen preiszugeben. Einige der Schwachstellen erfordern ein bestimmtes Maß an Berechtigung oder Benutzerinteraktion, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Ivanti Policy Secure <22.7R1.3
Ivanti / Policy Secure
|
<22.7R1.3 | ||
|
Ivanti Connect Secure <22.7R2.6
Ivanti / Connect Secure
|
<22.7R2.6 |
Es bestehen mehrere Schwachstellen in Ivanti Connect Secure und Ivanti Policy Secure. Diese Schwachstellen bestehen aufgrund mehrerer Sicherheitsprobleme, darunter die externe Kontrolle von Dateinamen, ein reflektiertes xss, ein hartkodierter Schlüssel oder im Klartextformat gespeicherte Informationen. Ein Angreifer kann diese Schwachstellen ausnutzen, um erhöhte Rechte zu erlangen - sogar administrative Rechte, um beliebigen Code auszuführen, Daten zu manipulieren und vertrauliche Informationen preiszugeben. Einige der Schwachstellen erfordern ein bestimmtes Maß an Berechtigung oder Benutzerinteraktion, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Ivanti Policy Secure <22.7R1.3
Ivanti / Policy Secure
|
<22.7R1.3 | ||
|
Ivanti Connect Secure <22.7R2.6
Ivanti / Connect Secure
|
<22.7R2.6 |
Es bestehen mehrere Schwachstellen in Ivanti Connect Secure und Ivanti Policy Secure. Diese Schwachstellen bestehen aufgrund mehrerer Sicherheitsprobleme, darunter die externe Kontrolle von Dateinamen, ein reflektiertes xss, ein hartkodierter Schlüssel oder im Klartextformat gespeicherte Informationen. Ein Angreifer kann diese Schwachstellen ausnutzen, um erhöhte Rechte zu erlangen - sogar administrative Rechte, um beliebigen Code auszuführen, Daten zu manipulieren und vertrauliche Informationen preiszugeben. Einige der Schwachstellen erfordern ein bestimmtes Maß an Berechtigung oder Benutzerinteraktion, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Ivanti Policy Secure <22.7R1.3
Ivanti / Policy Secure
|
<22.7R1.3 | ||
|
Ivanti Connect Secure <22.7R2.6
Ivanti / Connect Secure
|
<22.7R2.6 |
Es bestehen mehrere Schwachstellen in Ivanti Connect Secure und Ivanti Policy Secure. Diese Schwachstellen bestehen aufgrund mehrerer Sicherheitsprobleme, darunter die externe Kontrolle von Dateinamen, ein reflektiertes xss, ein hartkodierter Schlüssel oder im Klartextformat gespeicherte Informationen. Ein Angreifer kann diese Schwachstellen ausnutzen, um erhöhte Rechte zu erlangen - sogar administrative Rechte, um beliebigen Code auszuführen, Daten zu manipulieren und vertrauliche Informationen preiszugeben. Einige der Schwachstellen erfordern ein bestimmtes Maß an Berechtigung oder Benutzerinteraktion, um erfolgreich ausgenutzt zu werden.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Ivanti Policy Secure <22.7R1.3
Ivanti / Policy Secure
|
<22.7R1.3 | ||
|
Ivanti Connect Secure <22.7R2.6
Ivanti / Connect Secure
|
<22.7R2.6 |
Es besteht eine Schwachstelle in Ivanti Secure Access Client aufgrund unzureichender Berechtigungen. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um beliebige Dateien zu löschen.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Ivanti Secure Access Client <22.8R1
Ivanti / Secure Access Client
|
<22.8R1 |
Es besteht eine Schwachstelle in Ivanti Connect Secure aufgrund eines Stack-basierten Pufferüberlaufs. Ein entfernter, authentisierter Angreifer kann diese Schwachstelle zur Ausführung von beliebigem Code ausnutzen.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Ivanti Connect Secure <22.7R2.6
Ivanti / Connect Secure
|
<22.7R2.6 |
References
3 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Connect Secure bietet TLS- und mobile VPN-L\u00f6sungen.\r\nIvanti Policy Secure ist eine Network Access Control (NAC) L\u00f6sung.\r\nDer Ivanti Secure Access Client ist ein VPN Client f\u00fcr Ivanti Connect Secure.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Ivanti Connect Secure, Ivanti Policy Secure und Ivanti Secure Access Client ausnutzen, um seine Rechte zu erweitern, beliebigen Code auszuf\u00fchren, Daten zu manipulieren und vertrauliche Informationen preiszugeben.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0351 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0351.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0351 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0351"
},
{
"category": "external",
"summary": "Ivanti Security Advisory vom 2025-02-11",
"url": "https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs"
}
],
"source_lang": "en-US",
"title": "Ivanti Connect Secure, Policy Secure und Secure Access Client: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-02-11T23:00:00.000+00:00",
"generator": {
"date": "2025-02-12T10:41:10.671+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.10"
}
},
"id": "WID-SEC-W-2025-0351",
"initial_release_date": "2025-02-11T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-02-11T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c22.7R2.6",
"product": {
"name": "Ivanti Connect Secure \u003c22.7R2.6",
"product_id": "T041138"
}
},
{
"category": "product_version",
"name": "22.7R2.6",
"product": {
"name": "Ivanti Connect Secure 22.7R2.6",
"product_id": "T041138-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ivanti:connect_secure:22.7r2.6"
}
}
}
],
"category": "product_name",
"name": "Connect Secure"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c22.7R1.3",
"product": {
"name": "Ivanti Policy Secure \u003c22.7R1.3",
"product_id": "T041139"
}
},
{
"category": "product_version",
"name": "22.7R1.3",
"product": {
"name": "Ivanti Policy Secure 22.7R1.3",
"product_id": "T041139-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ivanti:policy_secure:22.7r1.3"
}
}
}
],
"category": "product_name",
"name": "Policy Secure"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c22.8R1",
"product": {
"name": "Ivanti Secure Access Client \u003c22.8R1",
"product_id": "T041140"
}
},
{
"category": "product_version",
"name": "22.8R1",
"product": {
"name": "Ivanti Secure Access Client 22.8R1",
"product_id": "T041140-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ivanti:secure_access_client:22.8r1"
}
}
}
],
"category": "product_name",
"name": "Secure Access Client"
}
],
"category": "vendor",
"name": "Ivanti"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-10644",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Ivanti Connect Secure und Ivanti Policy Secure. Diese Schwachstellen bestehen aufgrund mehrerer Sicherheitsprobleme, darunter die externe Kontrolle von Dateinamen, ein reflektiertes xss, ein hartkodierter Schl\u00fcssel oder im Klartextformat gespeicherte Informationen. Ein Angreifer kann diese Schwachstellen ausnutzen, um erh\u00f6hte Rechte zu erlangen - sogar administrative Rechte, um beliebigen Code auszuf\u00fchren, Daten zu manipulieren und vertrauliche Informationen preiszugeben. Einige der Schwachstellen erfordern ein bestimmtes Ma\u00df an Berechtigung oder Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T041139",
"T041138"
]
},
"release_date": "2025-02-11T23:00:00.000+00:00",
"title": "CVE-2024-10644"
},
{
"cve": "CVE-2024-12058",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Ivanti Connect Secure und Ivanti Policy Secure. Diese Schwachstellen bestehen aufgrund mehrerer Sicherheitsprobleme, darunter die externe Kontrolle von Dateinamen, ein reflektiertes xss, ein hartkodierter Schl\u00fcssel oder im Klartextformat gespeicherte Informationen. Ein Angreifer kann diese Schwachstellen ausnutzen, um erh\u00f6hte Rechte zu erlangen - sogar administrative Rechte, um beliebigen Code auszuf\u00fchren, Daten zu manipulieren und vertrauliche Informationen preiszugeben. Einige der Schwachstellen erfordern ein bestimmtes Ma\u00df an Berechtigung oder Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T041139",
"T041138"
]
},
"release_date": "2025-02-11T23:00:00.000+00:00",
"title": "CVE-2024-12058"
},
{
"cve": "CVE-2024-13830",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Ivanti Connect Secure und Ivanti Policy Secure. Diese Schwachstellen bestehen aufgrund mehrerer Sicherheitsprobleme, darunter die externe Kontrolle von Dateinamen, ein reflektiertes xss, ein hartkodierter Schl\u00fcssel oder im Klartextformat gespeicherte Informationen. Ein Angreifer kann diese Schwachstellen ausnutzen, um erh\u00f6hte Rechte zu erlangen - sogar administrative Rechte, um beliebigen Code auszuf\u00fchren, Daten zu manipulieren und vertrauliche Informationen preiszugeben. Einige der Schwachstellen erfordern ein bestimmtes Ma\u00df an Berechtigung oder Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T041139",
"T041138"
]
},
"release_date": "2025-02-11T23:00:00.000+00:00",
"title": "CVE-2024-13830"
},
{
"cve": "CVE-2024-13842",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Ivanti Connect Secure und Ivanti Policy Secure. Diese Schwachstellen bestehen aufgrund mehrerer Sicherheitsprobleme, darunter die externe Kontrolle von Dateinamen, ein reflektiertes xss, ein hartkodierter Schl\u00fcssel oder im Klartextformat gespeicherte Informationen. Ein Angreifer kann diese Schwachstellen ausnutzen, um erh\u00f6hte Rechte zu erlangen - sogar administrative Rechte, um beliebigen Code auszuf\u00fchren, Daten zu manipulieren und vertrauliche Informationen preiszugeben. Einige der Schwachstellen erfordern ein bestimmtes Ma\u00df an Berechtigung oder Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T041139",
"T041138"
]
},
"release_date": "2025-02-11T23:00:00.000+00:00",
"title": "CVE-2024-13842"
},
{
"cve": "CVE-2024-13843",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Ivanti Connect Secure und Ivanti Policy Secure. Diese Schwachstellen bestehen aufgrund mehrerer Sicherheitsprobleme, darunter die externe Kontrolle von Dateinamen, ein reflektiertes xss, ein hartkodierter Schl\u00fcssel oder im Klartextformat gespeicherte Informationen. Ein Angreifer kann diese Schwachstellen ausnutzen, um erh\u00f6hte Rechte zu erlangen - sogar administrative Rechte, um beliebigen Code auszuf\u00fchren, Daten zu manipulieren und vertrauliche Informationen preiszugeben. Einige der Schwachstellen erfordern ein bestimmtes Ma\u00df an Berechtigung oder Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T041139",
"T041138"
]
},
"release_date": "2025-02-11T23:00:00.000+00:00",
"title": "CVE-2024-13843"
},
{
"cve": "CVE-2024-38657",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Ivanti Connect Secure und Ivanti Policy Secure. Diese Schwachstellen bestehen aufgrund mehrerer Sicherheitsprobleme, darunter die externe Kontrolle von Dateinamen, ein reflektiertes xss, ein hartkodierter Schl\u00fcssel oder im Klartextformat gespeicherte Informationen. Ein Angreifer kann diese Schwachstellen ausnutzen, um erh\u00f6hte Rechte zu erlangen - sogar administrative Rechte, um beliebigen Code auszuf\u00fchren, Daten zu manipulieren und vertrauliche Informationen preiszugeben. Einige der Schwachstellen erfordern ein bestimmtes Ma\u00df an Berechtigung oder Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T041139",
"T041138"
]
},
"release_date": "2025-02-11T23:00:00.000+00:00",
"title": "CVE-2024-38657"
},
{
"cve": "CVE-2024-13813",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in Ivanti Secure Access Client aufgrund unzureichender Berechtigungen. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um beliebige Dateien zu l\u00f6schen."
}
],
"product_status": {
"known_affected": [
"T041140"
]
},
"release_date": "2025-02-11T23:00:00.000+00:00",
"title": "CVE-2024-13813"
},
{
"cve": "CVE-2025-22467",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in Ivanti Connect Secure aufgrund eines Stack-basierten Puffer\u00fcberlaufs. Ein entfernter, authentisierter Angreifer kann diese Schwachstelle zur Ausf\u00fchrung von beliebigem Code ausnutzen."
}
],
"product_status": {
"known_affected": [
"T041138"
]
},
"release_date": "2025-02-11T23:00:00.000+00:00",
"title": "CVE-2025-22467"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…