CVE-2024-21887 (GCVE-0-2024-21887)

Vulnerability from cvelistv5 – Published: 2024-01-12 17:02 – Updated: 2025-10-21 23:05
VLAI? CISA
Summary
A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance.
Severity ?
9.1 (Critical)
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
CWE
  • CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
Impacted products
Vendor Product Version
Ivanti ICS Affected: 9.1R18 , ≤ 9.1R18 (custom)
Affected: 22.6R2 , ≤ 22.6R2 (custom)
Create a notification for this product.
    Ivanti IPS Affected: 9.1R18 , ≤ 9.1R18 (custom)
Affected: 22.6R1 , ≤ 22.6R1 (custom)
Create a notification for this product.
CISA Known Exploited Vulnerability
Data from the CISA Known Exploited Vulnerabilities Catalog

Date added: 2024-01-10

Due date: 2024-01-22

Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Used in ransomware: Known

Notes: Please apply mitigations per vendor instructions. For more information, please see: https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US ; https://nvd.nist.gov/vuln/detail/CVE-2024-21887

Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T22:35:33.413Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-21887",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-04T18:55:58.242603Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2024-01-10",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-21887"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-77",
                "description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-21T23:05:28.696Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-21887"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2024-01-10T00:00:00+00:00",
            "value": "CVE-2024-21887 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "ICS",
          "vendor": "Ivanti",
          "versions": [
            {
              "lessThanOrEqual": "9.1R18",
              "status": "affected",
              "version": "9.1R18",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "22.6R2",
              "status": "affected",
              "version": "22.6R2",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "IPS",
          "vendor": "Ivanti",
          "versions": [
            {
              "lessThanOrEqual": "9.1R18",
              "status": "affected",
              "version": "9.1R18",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "22.6R1",
              "status": "affected",
              "version": "22.6R1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x)  allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-22T17:06:21.273Z",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "url": "https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US"
        },
        {
          "url": "http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2024-21887",
    "datePublished": "2024-01-12T17:02:16.481Z",
    "dateReserved": "2024-01-03T01:04:06.538Z",
    "dateUpdated": "2025-10-21T23:05:28.696Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2024-21887",
      "cwes": "[\"CWE-77\"]",
      "dateAdded": "2024-01-10",
      "dueDate": "2024-01-22",
      "knownRansomwareCampaignUse": "Known",
      "notes": "Please apply mitigations per vendor instructions. For more information, please see: https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US ; https://nvd.nist.gov/vuln/detail/CVE-2024-21887",
      "product": "Connect Secure and Policy Secure",
      "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
      "shortDescription": "Ivanti Connect Secure (ICS, formerly known as Pulse Connect Secure) and Ivanti Policy Secure contain a command injection vulnerability in the web components of these products, which can allow an authenticated administrator to send crafted requests to execute code on affected appliances. This vulnerability can be leveraged in conjunction with CVE-2023-46805, an authenticated bypass issue.",
      "vendorProject": "Ivanti",
      "vulnerabilityName": "Ivanti Connect Secure and Policy Secure Command Injection Vulnerability"
    },
    "fkie_nvd": {
      "cisaActionDue": "2024-01-22",
      "cisaExploitAdd": "2024-01-10",
      "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
      "cisaVulnerabilityName": "Ivanti Connect Secure and Policy Secure Command Injection Vulnerability",
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:connect_secure:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BEAA1F3F-FC78-43C1-814A-19E94AC4A844\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"4B21C181-DC49-4EBD-9932-DBB337151FF7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:connect_secure:9.1:r10:*:*:*:*:*:*\", \"matchCriteriaId\": \"5A3A93FE-41BF-43F2-9EFC-89656182329F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:connect_secure:9.1:r11:*:*:*:*:*:*\", \"matchCriteriaId\": \"8D5F47BA-DE6D-443D-95C3-A45F80EDC71E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:connect_secure:9.1:r11.3:*:*:*:*:*:*\", \"matchCriteriaId\": \"366EF5B8-0233-49B8-806A-E54F60410ADE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:connect_secure:9.1:r11.4:*:*:*:*:*:*\", \"matchCriteriaId\": \"6F2A7F5C-1D78-4D19-B8ED-5822FDF5DA63\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:connect_secure:9.1:r11.5:*:*:*:*:*:*\", \"matchCriteriaId\": \"2DDDA231-2A5E-4C70-8620-535C7F9027A4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:connect_secure:9.1:r12:*:*:*:*:*:*\", \"matchCriteriaId\": \"32E0B425-A9BA-4D00-84A9-46268072D696\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:connect_secure:9.1:r12.1:*:*:*:*:*:*\", \"matchCriteriaId\": \"BBC724E8-195B-4CB4-AC2A-63E184AED4F6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:connect_secure:9.1:r13:*:*:*:*:*:*\", \"matchCriteriaId\": \"65435A96-EF7A-439A-AA6C-CB7EAEF0A963\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:connect_secure:9.1:r13.1:*:*:*:*:*:*\", \"matchCriteriaId\": \"3027A9CE-849E-4CAE-A1C4-170DEAF4FE86\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:connect_secure:9.1:r14:*:*:*:*:*:*\", \"matchCriteriaId\": \"C132BA26-BCA0-43E6-9511-34ACFFA136A9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:connect_secure:9.1:r15:*:*:*:*:*:*\", \"matchCriteriaId\": \"CE228FBD-5AD1-4BC6-AF63-5248E671B04F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:connect_secure:9.1:r15.2:*:*:*:*:*:*\", \"matchCriteriaId\": \"D7DBCD6B-B7AA-4AB0-852F-563A2EC85DB4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:connect_secure:9.1:r16:*:*:*:*:*:*\", \"matchCriteriaId\": \"44C26423-8621-4F6D-A45B-0A6B6E873AB6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:connect_secure:9.1:r16.1:*:*:*:*:*:*\", \"matchCriteriaId\": \"BC391EB5-C457-459C-8EAA-EA0043487C0B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:connect_secure:9.1:r17:*:*:*:*:*:*\", \"matchCriteriaId\": \"DB6CEA16-F422-48F1-9473-3931B1BFA63F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:connect_secure:9.1:r17.1:*:*:*:*:*:*\", \"matchCriteriaId\": \"E238AB9F-99C1-4F0D-B442-D390065D35D1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:connect_secure:9.1:r18:*:*:*:*:*:*\", \"matchCriteriaId\": \"28FDE909-711C-41EC-8BA6-AC4DE05EA27E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:connect_secure:9.1:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"4FEFC4B1-7350-46F9-80C1-42F5AE06142F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:connect_secure:9.1:r3:*:*:*:*:*:*\", \"matchCriteriaId\": \"DB7A6D62-6576-4713-9BF4-11068A72E8B7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:connect_secure:9.1:r4:*:*:*:*:*:*\", \"matchCriteriaId\": \"843BC1B9-50CC-4F8F-A454-A0CEC6E92290\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:connect_secure:9.1:r4.1:*:*:*:*:*:*\", \"matchCriteriaId\": \"D5355372-03EA-46D7-9104-A2785C29B664\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:connect_secure:9.1:r4.2:*:*:*:*:*:*\", \"matchCriteriaId\": \"3DE32A0C-8944-4F51-A286-266055CA4B2F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:*\", \"matchCriteriaId\": \"0349A0CC-A372-4E51-899E-D7BA67876F4B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:connect_secure:9.1:r5:*:*:*:*:*:*\", \"matchCriteriaId\": \"93D1A098-BD77-4A7B-9070-A764FB435981\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:connect_secure:9.1:r6:*:*:*:*:*:*\", \"matchCriteriaId\": \"3CCC2D7B-F835-45EC-A316-2F0C5F2CF565\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:connect_secure:9.1:r7:*:*:*:*:*:*\", \"matchCriteriaId\": \"AD812596-C77C-4129-982F-C22A25B52126\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:connect_secure:9.1:r8:*:*:*:*:*:*\", \"matchCriteriaId\": \"9FA0B20D-3FA1-42AE-BDC5-93D8A182927C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:connect_secure:9.1:r8.1:*:*:*:*:*:*\", \"matchCriteriaId\": \"BFFA0B02-7F6D-4434-B1E7-EB8520FD68A0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:connect_secure:9.1:r8.2:*:*:*:*:*:*\", \"matchCriteriaId\": \"DFE8FA87-9622-4D5B-99C7-D8EE230C0AA9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:connect_secure:9.1:r9:*:*:*:*:*:*\", \"matchCriteriaId\": \"16DAA769-8F0D-4C54-A8D9-9902995605B0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:connect_secure:9.1:r9.1:*:*:*:*:*:*\", \"matchCriteriaId\": \"B2C10C89-1DBC-4E91-BD28-D5097B589CA9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:connect_secure:22.1:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"80C56782-273A-4151-BE81-13FEEFE46A6A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:connect_secure:22.1:r6:*:*:*:*:*:*\", \"matchCriteriaId\": \"6564FE9E-7D96-4226-8378-DAC25525CDD1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:connect_secure:22.2:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"361FAA47-52FF-4B36-96B0-9C178A4E031B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:connect_secure:22.2:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"BCBF6DD0-2826-4E61-8FB6-DB489EBF8981\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:connect_secure:22.3:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"415219D0-2D9A-4617-ABB7-6FF918421BEE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:connect_secure:22.4:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"E9F55E7B-7B38-4AEC-A015-D8CB9DE5E72C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:connect_secure:22.4:r2.1:*:*:*:*:*:*\", \"matchCriteriaId\": \"D3DF17AC-EC26-4B76-8989-B7880C9EF73E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:connect_secure:22.5:r2.1:*:*:*:*:*:*\", \"matchCriteriaId\": \"001E117B-E8EE-4C20-AEBF-34FF5EB5051E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:connect_secure:22.6:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"6C383863-1E90-4B72-A500-4326782BC92F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:connect_secure:22.6:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"AB9A5868-34FB-446E-817F-6701CC5DE923\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:connect_secure:22.6:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"5456F61D-1FD1-4DA6-AFA3-4073889AD22A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:policy_secure:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DD00E2EC-B772-4FE8-8CC5-829BE45BE878\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"A07B66E0-A679-4912-8CB1-CD134713EDC7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:policy_secure:9.1:r10:*:*:*:*:*:*\", \"matchCriteriaId\": \"BF767F07-2E9F-4099-829D-2F70E85D8A35\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:policy_secure:9.1:r11:*:*:*:*:*:*\", \"matchCriteriaId\": \"B994E22B-8FA5-4510-82F6-7820BDA7C307\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:policy_secure:9.1:r12:*:*:*:*:*:*\", \"matchCriteriaId\": \"FE5C4ABC-2BEB-4741-95B3-303903369818\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:policy_secure:9.1:r13:*:*:*:*:*:*\", \"matchCriteriaId\": \"D50C5526-F791-4C76-B5C0-DA2E1281C9E2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:policy_secure:9.1:r13.1:*:*:*:*:*:*\", \"matchCriteriaId\": \"2CB8240E-7683-4C39-9654-4F8D1F682288\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:policy_secure:9.1:r14:*:*:*:*:*:*\", \"matchCriteriaId\": \"7A53C031-E7A5-47B6-BA4A-DD28432E743F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:policy_secure:9.1:r15:*:*:*:*:*:*\", \"matchCriteriaId\": \"4BEE355B-1C2D-4BEB-8922-EAEAA5A1FAE8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:policy_secure:9.1:r16:*:*:*:*:*:*\", \"matchCriteriaId\": \"B90687F3-A5C1-4706-AD66-D78EE512E4C9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:policy_secure:9.1:r17:*:*:*:*:*:*\", \"matchCriteriaId\": \"D10A3F2D-6A62-4A48-93FB-274527C821D2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:policy_secure:9.1:r18:*:*:*:*:*:*\", \"matchCriteriaId\": \"811C7E7E-89AB-47DF-BACD-ED478DF756BC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:policy_secure:9.1:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"6D37A6E4-D58E-444D-AF6A-15461F38E81A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:policy_secure:9.1:r3:*:*:*:*:*:*\", \"matchCriteriaId\": \"FC2B9DA0-E32B-4125-9986-F0D3814C66E9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:policy_secure:9.1:r3.1:*:*:*:*:*:*\", \"matchCriteriaId\": \"38A0D7CF-7D55-4933-AE8C-36006D6779E1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:policy_secure:9.1:r4:*:*:*:*:*:*\", \"matchCriteriaId\": \"C9A5BA3E-D6B3-453D-8DDF-FF16859FD0F8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:policy_secure:9.1:r4.1:*:*:*:*:*:*\", \"matchCriteriaId\": \"BAFDA618-D15D-401D-AC68-0020259FEC57\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:policy_secure:9.1:r4.2:*:*:*:*:*:*\", \"matchCriteriaId\": \"D55AB5F0-132F-4C40-BF4F-684E139B774B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:policy_secure:9.1:r5:*:*:*:*:*:*\", \"matchCriteriaId\": \"6BE937D2-8BEE-4E64-8738-F550EAD00F50\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:policy_secure:9.1:r6:*:*:*:*:*:*\", \"matchCriteriaId\": \"9C753520-1BC6-4980-AFC9-4C2FDDF2FD18\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:policy_secure:9.1:r7:*:*:*:*:*:*\", \"matchCriteriaId\": \"AC3863BC-3B9A-402B-A74A-149CDF717EC6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:policy_secure:9.1:r8:*:*:*:*:*:*\", \"matchCriteriaId\": \"E3C09D51-FDA0-4D07-87D8-F527C8CBDAFB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:policy_secure:9.1:r8.1:*:*:*:*:*:*\", \"matchCriteriaId\": \"CCE2E1C0-680F-4EFF-ACE6-A1DAFA209D24\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:policy_secure:9.1:r8.2:*:*:*:*:*:*\", \"matchCriteriaId\": \"7ED1686B-2D80-4ECF-9F7A-AEA989E17C84\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:policy_secure:9.1:r9:*:*:*:*:*:*\", \"matchCriteriaId\": \"092DA2A3-5CEF-433F-8E5B-4850E4095CC4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:policy_secure:22.1:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"A385F38B-0B03-4B69-B7A1-952F5BAE727C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:policy_secure:22.1:r6:*:*:*:*:*:*\", \"matchCriteriaId\": \"925DCCBA-9382-4A39-84B8-4DEAFD2BC802\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:policy_secure:22.2:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"34C118FB-7AE0-466C-822A-348A2F6016AC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:policy_secure:22.2:r3:*:*:*:*:*:*\", \"matchCriteriaId\": \"1536DB45-9A42-4549-A10E-FDBB6693DF17\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:policy_secure:22.3:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"51FF66C9-9415-4EAD-8F19-D5E067336885\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:policy_secure:22.3:r3:*:*:*:*:*:*\", \"matchCriteriaId\": \"8BBC1E81-0A2A-4166-BFA6-2B866B4F8AE4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:policy_secure:22.4:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"D73729EB-C679-4CED-9F36-212B0581EC22\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:policy_secure:22.4:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"14B481E8-D887-408F-B892-D2939CD037AB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:policy_secure:22.4:r2.1:*:*:*:*:*:*\", \"matchCriteriaId\": \"3EB8380F-D229-4AF0-B27C-47760F843E48\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:policy_secure:22.5:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"CB4B1ED6-38AD-44F8-9B77-2D6924E8A20E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:policy_secure:22.5:r2.1:*:*:*:*:*:*\", \"matchCriteriaId\": \"28A9318A-0D4D-4EF1-998B-4A82A1AB63F0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:policy_secure:22.6:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"56C7542D-3520-4E4D-936C-5295068C4CD7\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x)  allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance.\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad de inyecci\\u00f3n de comandos en componentes web de Ivanti Connect Secure (9.x, 22.x) e Ivanti Policy Secure (9.x, 22.x) permite a un administrador autenticado enviar solicitudes especialmente manipuladas y ejecutar comandos arbitrarios en el dispositivo.\"}]",
      "id": "CVE-2024-21887",
      "lastModified": "2024-11-29T15:21:57.970",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\", \"baseScore\": 9.1, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.3, \"impactScore\": 6.0}], \"cvssMetricV30\": [{\"source\": \"support@hackerone.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\", \"baseScore\": 9.1, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.3, \"impactScore\": 6.0}]}",
      "published": "2024-01-12T17:15:10.017",
      "references": "[{\"url\": \"http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html\", \"source\": \"support@hackerone.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US\", \"source\": \"support@hackerone.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "support@hackerone.com",
      "vulnStatus": "Analyzed",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-77\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-21887\",\"sourceIdentifier\":\"support@hackerone.com\",\"published\":\"2024-01-12T17:15:10.017\",\"lastModified\":\"2025-10-31T21:56:55.430\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x)  allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de inyecci\u00f3n de comandos en componentes web de Ivanti Connect Secure (9.x, 22.x) e Ivanti Policy Secure (9.x, 22.x) permite a un administrador autenticado enviar solicitudes especialmente manipuladas y ejecutar comandos arbitrarios en el dispositivo.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\",\"baseScore\":9.1,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.3,\"impactScore\":6.0}],\"cvssMetricV30\":[{\"source\":\"support@hackerone.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\",\"baseScore\":9.1,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.3,\"impactScore\":6.0}]},\"cisaExploitAdd\":\"2024-01-10\",\"cisaActionDue\":\"2024-01-22\",\"cisaRequiredAction\":\"Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.\",\"cisaVulnerabilityName\":\"Ivanti Connect Secure and Policy Secure Command Injection Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-77\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-77\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BEAA1F3F-FC78-43C1-814A-19E94AC4A844\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B21C181-DC49-4EBD-9932-DBB337151FF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:9.1:r10:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A3A93FE-41BF-43F2-9EFC-89656182329F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:9.1:r11:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D5F47BA-DE6D-443D-95C3-A45F80EDC71E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:9.1:r11.3:*:*:*:*:*:*\",\"matchCriteriaId\":\"366EF5B8-0233-49B8-806A-E54F60410ADE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:9.1:r11.4:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F2A7F5C-1D78-4D19-B8ED-5822FDF5DA63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:9.1:r11.5:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DDDA231-2A5E-4C70-8620-535C7F9027A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:9.1:r12:*:*:*:*:*:*\",\"matchCriteriaId\":\"32E0B425-A9BA-4D00-84A9-46268072D696\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:9.1:r12.1:*:*:*:*:*:*\",\"matchCriteriaId\":\"BBC724E8-195B-4CB4-AC2A-63E184AED4F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:9.1:r13:*:*:*:*:*:*\",\"matchCriteriaId\":\"65435A96-EF7A-439A-AA6C-CB7EAEF0A963\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:9.1:r13.1:*:*:*:*:*:*\",\"matchCriteriaId\":\"3027A9CE-849E-4CAE-A1C4-170DEAF4FE86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:9.1:r14:*:*:*:*:*:*\",\"matchCriteriaId\":\"C132BA26-BCA0-43E6-9511-34ACFFA136A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:9.1:r15:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE228FBD-5AD1-4BC6-AF63-5248E671B04F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:9.1:r15.2:*:*:*:*:*:*\",\"matchCriteriaId\":\"D7DBCD6B-B7AA-4AB0-852F-563A2EC85DB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:9.1:r16:*:*:*:*:*:*\",\"matchCriteriaId\":\"44C26423-8621-4F6D-A45B-0A6B6E873AB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:9.1:r16.1:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC391EB5-C457-459C-8EAA-EA0043487C0B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:9.1:r17:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB6CEA16-F422-48F1-9473-3931B1BFA63F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:9.1:r17.1:*:*:*:*:*:*\",\"matchCriteriaId\":\"E238AB9F-99C1-4F0D-B442-D390065D35D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:9.1:r18:*:*:*:*:*:*\",\"matchCriteriaId\":\"28FDE909-711C-41EC-8BA6-AC4DE05EA27E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:9.1:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4FEFC4B1-7350-46F9-80C1-42F5AE06142F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:9.1:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB7A6D62-6576-4713-9BF4-11068A72E8B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:9.1:r4:*:*:*:*:*:*\",\"matchCriteriaId\":\"843BC1B9-50CC-4F8F-A454-A0CEC6E92290\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:9.1:r4.1:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5355372-03EA-46D7-9104-A2785C29B664\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:9.1:r4.2:*:*:*:*:*:*\",\"matchCriteriaId\":\"3DE32A0C-8944-4F51-A286-266055CA4B2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:*\",\"matchCriteriaId\":\"0349A0CC-A372-4E51-899E-D7BA67876F4B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:9.1:r5:*:*:*:*:*:*\",\"matchCriteriaId\":\"93D1A098-BD77-4A7B-9070-A764FB435981\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:9.1:r6:*:*:*:*:*:*\",\"matchCriteriaId\":\"3CCC2D7B-F835-45EC-A316-2F0C5F2CF565\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:9.1:r7:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD812596-C77C-4129-982F-C22A25B52126\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:9.1:r8:*:*:*:*:*:*\",\"matchCriteriaId\":\"9FA0B20D-3FA1-42AE-BDC5-93D8A182927C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:9.1:r8.1:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFFA0B02-7F6D-4434-B1E7-EB8520FD68A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:9.1:r8.2:*:*:*:*:*:*\",\"matchCriteriaId\":\"DFE8FA87-9622-4D5B-99C7-D8EE230C0AA9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:9.1:r9:*:*:*:*:*:*\",\"matchCriteriaId\":\"16DAA769-8F0D-4C54-A8D9-9902995605B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:9.1:r9.1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2C10C89-1DBC-4E91-BD28-D5097B589CA9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:22.1:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"80C56782-273A-4151-BE81-13FEEFE46A6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:22.1:r6:*:*:*:*:*:*\",\"matchCriteriaId\":\"6564FE9E-7D96-4226-8378-DAC25525CDD1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:22.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"361FAA47-52FF-4B36-96B0-9C178A4E031B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:22.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCBF6DD0-2826-4E61-8FB6-DB489EBF8981\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:22.3:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"415219D0-2D9A-4617-ABB7-6FF918421BEE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:22.4:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9F55E7B-7B38-4AEC-A015-D8CB9DE5E72C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:22.4:r2.1:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3DF17AC-EC26-4B76-8989-B7880C9EF73E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:22.5:r2.1:*:*:*:*:*:*\",\"matchCriteriaId\":\"001E117B-E8EE-4C20-AEBF-34FF5EB5051E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:22.6:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"6C383863-1E90-4B72-A500-4326782BC92F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:22.6:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB9A5868-34FB-446E-817F-6701CC5DE923\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:22.6:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"5456F61D-1FD1-4DA6-AFA3-4073889AD22A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:policy_secure:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD00E2EC-B772-4FE8-8CC5-829BE45BE878\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"A07B66E0-A679-4912-8CB1-CD134713EDC7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:policy_secure:9.1:r10:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF767F07-2E9F-4099-829D-2F70E85D8A35\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:policy_secure:9.1:r11:*:*:*:*:*:*\",\"matchCriteriaId\":\"B994E22B-8FA5-4510-82F6-7820BDA7C307\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:policy_secure:9.1:r12:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE5C4ABC-2BEB-4741-95B3-303903369818\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:policy_secure:9.1:r13:*:*:*:*:*:*\",\"matchCriteriaId\":\"D50C5526-F791-4C76-B5C0-DA2E1281C9E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:policy_secure:9.1:r13.1:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CB8240E-7683-4C39-9654-4F8D1F682288\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:policy_secure:9.1:r14:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A53C031-E7A5-47B6-BA4A-DD28432E743F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:policy_secure:9.1:r15:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BEE355B-1C2D-4BEB-8922-EAEAA5A1FAE8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:policy_secure:9.1:r16:*:*:*:*:*:*\",\"matchCriteriaId\":\"B90687F3-A5C1-4706-AD66-D78EE512E4C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:policy_secure:9.1:r17:*:*:*:*:*:*\",\"matchCriteriaId\":\"D10A3F2D-6A62-4A48-93FB-274527C821D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:policy_secure:9.1:r18:*:*:*:*:*:*\",\"matchCriteriaId\":\"811C7E7E-89AB-47DF-BACD-ED478DF756BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:policy_secure:9.1:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D37A6E4-D58E-444D-AF6A-15461F38E81A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:policy_secure:9.1:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC2B9DA0-E32B-4125-9986-F0D3814C66E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:policy_secure:9.1:r3.1:*:*:*:*:*:*\",\"matchCriteriaId\":\"38A0D7CF-7D55-4933-AE8C-36006D6779E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:policy_secure:9.1:r4:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9A5BA3E-D6B3-453D-8DDF-FF16859FD0F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:policy_secure:9.1:r4.1:*:*:*:*:*:*\",\"matchCriteriaId\":\"BAFDA618-D15D-401D-AC68-0020259FEC57\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:policy_secure:9.1:r4.2:*:*:*:*:*:*\",\"matchCriteriaId\":\"D55AB5F0-132F-4C40-BF4F-684E139B774B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:policy_secure:9.1:r5:*:*:*:*:*:*\",\"matchCriteriaId\":\"6BE937D2-8BEE-4E64-8738-F550EAD00F50\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:policy_secure:9.1:r6:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C753520-1BC6-4980-AFC9-4C2FDDF2FD18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:policy_secure:9.1:r7:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC3863BC-3B9A-402B-A74A-149CDF717EC6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:policy_secure:9.1:r8:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3C09D51-FDA0-4D07-87D8-F527C8CBDAFB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:policy_secure:9.1:r8.1:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCE2E1C0-680F-4EFF-ACE6-A1DAFA209D24\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:policy_secure:9.1:r8.2:*:*:*:*:*:*\",\"matchCriteriaId\":\"7ED1686B-2D80-4ECF-9F7A-AEA989E17C84\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:policy_secure:9.1:r9:*:*:*:*:*:*\",\"matchCriteriaId\":\"092DA2A3-5CEF-433F-8E5B-4850E4095CC4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:policy_secure:22.1:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"A385F38B-0B03-4B69-B7A1-952F5BAE727C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:policy_secure:22.1:r6:*:*:*:*:*:*\",\"matchCriteriaId\":\"925DCCBA-9382-4A39-84B8-4DEAFD2BC802\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:policy_secure:22.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"34C118FB-7AE0-466C-822A-348A2F6016AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:policy_secure:22.2:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"1536DB45-9A42-4549-A10E-FDBB6693DF17\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:policy_secure:22.3:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"51FF66C9-9415-4EAD-8F19-D5E067336885\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:policy_secure:22.3:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"8BBC1E81-0A2A-4166-BFA6-2B866B4F8AE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:policy_secure:22.4:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"D73729EB-C679-4CED-9F36-212B0581EC22\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:policy_secure:22.4:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"14B481E8-D887-408F-B892-D2939CD037AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:policy_secure:22.4:r2.1:*:*:*:*:*:*\",\"matchCriteriaId\":\"3EB8380F-D229-4AF0-B27C-47760F843E48\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:policy_secure:22.5:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB4B1ED6-38AD-44F8-9B77-2D6924E8A20E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:policy_secure:22.5:r2.1:*:*:*:*:*:*\",\"matchCriteriaId\":\"28A9318A-0D4D-4EF1-998B-4A82A1AB63F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:policy_secure:22.6:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"56C7542D-3520-4E4D-936C-5295068C4CD7\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html\",\"source\":\"support@hackerone.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US\",\"source\":\"support@hackerone.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-21887\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
    "vulnrichment": {
      "containers": "{\"cna\": {\"descriptions\": [{\"lang\": \"en\", \"value\": \"A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x)  allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance.\"}], \"affected\": [{\"defaultStatus\": \"unaffected\", \"vendor\": \"Ivanti\", \"product\": \"ICS\", \"versions\": [{\"version\": \"9.1R18\", \"status\": \"affected\", \"lessThanOrEqual\": \"9.1R18\", \"versionType\": \"custom\"}, {\"version\": \"22.6R2\", \"status\": \"affected\", \"lessThanOrEqual\": \"22.6R2\", \"versionType\": \"custom\"}]}, {\"defaultStatus\": \"unaffected\", \"vendor\": \"Ivanti\", \"product\": \"IPS\", \"versions\": [{\"version\": \"9.1R18\", \"status\": \"affected\", \"lessThanOrEqual\": \"9.1R18\", \"versionType\": \"custom\"}, {\"version\": \"22.6R1\", \"status\": \"affected\", \"lessThanOrEqual\": \"22.6R1\", \"versionType\": \"custom\"}]}], \"references\": [{\"url\": \"https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US\"}, {\"url\": \"http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html\"}], \"metrics\": [{\"cvssV3_0\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\", \"baseScore\": 9.1, \"baseSeverity\": \"CRITICAL\"}}], \"providerMetadata\": {\"orgId\": \"36234546-b8fa-4601-9d6f-f4e334aa8ea1\", \"shortName\": \"hackerone\", \"dateUpdated\": \"2024-01-22T17:06:21.273Z\"}}, \"adp\": [{\"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T22:35:33.413Z\"}, \"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html\", \"tags\": [\"x_transferred\"]}]}, {\"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-21887\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-04T18:55:58.242603Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2024-01-10\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-21887\"}}}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-21887\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-77\", \"description\": \"CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-04T18:55:39.692Z\"}, \"timeline\": [{\"time\": \"2024-01-10T00:00:00+00:00\", \"lang\": \"en\", \"value\": \"CVE-2024-21887 added to CISA KEV\"}], \"title\": \"CISA ADP Vulnrichment\"}]}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-21887\", \"assignerOrgId\": \"36234546-b8fa-4601-9d6f-f4e334aa8ea1\", \"state\": \"PUBLISHED\", \"assignerShortName\": \"hackerone\", \"dateReserved\": \"2024-01-03T01:04:06.538Z\", \"datePublished\": \"2024-01-12T17:02:16.481Z\", \"dateUpdated\": \"2025-10-21T19:45:17.165Z\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.