fkie_nvd - fkie_cve-2024-22023

FKIE_CVE-2024-22023

Vulnerability from fkie_nvd - Published: 2024-04-04 20:15 - Updated: 2024-11-21 08:55

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Summary

An XML entity expansion or XEE vulnerability in SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated attacker to send specially crafted XML requests in-order-to temporarily cause resource exhaustion thereby resulting in a limited-time DoS.

References

	URL	Tags
	support@hackerone.com	https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1
ivanti	connect_secure	22.1
ivanti	connect_secure	22.2
ivanti	connect_secure	22.3
ivanti	connect_secure	22.4
ivanti	connect_secure	22.5
ivanti	connect_secure	22.6
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.0
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	9.1
ivanti	policy_secure	22.1
ivanti	policy_secure	22.2
ivanti	policy_secure	22.3
ivanti	policy_secure	22.4
ivanti	policy_secure	22.5
ivanti	policy_secure	22.6

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "4B21C181-DC49-4EBD-9932-DBB337151FF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r10:*:*:*:*:*:*",
              "matchCriteriaId": "5A3A93FE-41BF-43F2-9EFC-89656182329F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11:*:*:*:*:*:*",
              "matchCriteriaId": "8D5F47BA-DE6D-443D-95C3-A45F80EDC71E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.5:*:*:*:*:*:*",
              "matchCriteriaId": "2DDDA231-2A5E-4C70-8620-535C7F9027A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r12:*:*:*:*:*:*",
              "matchCriteriaId": "32E0B425-A9BA-4D00-84A9-46268072D696",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r13:*:*:*:*:*:*",
              "matchCriteriaId": "65435A96-EF7A-439A-AA6C-CB7EAEF0A963",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r14:*:*:lts:*:*:*",
              "matchCriteriaId": "4F06BC30-D62D-4A8F-8279-69C1A4A77357",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r15:*:*:*:*:*:*",
              "matchCriteriaId": "CE228FBD-5AD1-4BC6-AF63-5248E671B04F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r16:*:*:*:*:*:*",
              "matchCriteriaId": "44C26423-8621-4F6D-A45B-0A6B6E873AB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r17:*:*:*:*:*:*",
              "matchCriteriaId": "DB6CEA16-F422-48F1-9473-3931B1BFA63F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r18:*:*:*:*:*:*",
              "matchCriteriaId": "28FDE909-711C-41EC-8BA6-AC4DE05EA27E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "4FEFC4B1-7350-46F9-80C1-42F5AE06142F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "DB7A6D62-6576-4713-9BF4-11068A72E8B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "843BC1B9-50CC-4F8F-A454-A0CEC6E92290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "D5355372-03EA-46D7-9104-A2785C29B664",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.2:*:*:*:*:*:*",
              "matchCriteriaId": "3DE32A0C-8944-4F51-A286-266055CA4B2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:*",
              "matchCriteriaId": "0349A0CC-A372-4E51-899E-D7BA67876F4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "93D1A098-BD77-4A7B-9070-A764FB435981",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "3CCC2D7B-F835-45EC-A316-2F0C5F2CF565",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AD812596-C77C-4129-982F-C22A25B52126",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8:*:*:*:*:*:*",
              "matchCriteriaId": "9FA0B20D-3FA1-42AE-BDC5-93D8A182927C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r9:*:*:*:*:*:*",
              "matchCriteriaId": "16DAA769-8F0D-4C54-A8D9-9902995605B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FCEFEAE-2A69-4B54-B59F-207E182587B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "03E34306-6D29-44FF-914C-F56A0BDB9BE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "72229EFD-B5F2-4EFA-9B62-8CB30767E9A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1FDDA64-2FFB-424B-84C3-5D12B023BEE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF23F7CD-2A2F-4074-9711-7AF001D27693",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DCED84C-D9C4-4863-8323-721C3009046E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "AFE8DB4A-9891-4647-82E2-EB5D377CAD25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r1:*:*:*:*:*:*",
              "matchCriteriaId": "26B25B34-7BD0-471B-A396-45CE5420E963",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r2:*:*:*:*:*:*",
              "matchCriteriaId": "AA514C05-2834-4C7B-B022-02B41C9AAD6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "0929C645-DACB-4341-9032-7C79FFC8BCF0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r3:*:*:*:*:*:*",
              "matchCriteriaId": "0D36CB5A-8389-4F2F-882A-4E8F30028799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r3.1:*:*:*:*:*:*",
              "matchCriteriaId": "517DA74B-9D69-45E1-A707-A08A305A507C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r4:*:*:*:*:*:*",
              "matchCriteriaId": "F72C00C7-017C-4C25-99B0-D7D42D969E92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "6418A649-3A63-40CC-BD7C-309B3B0B2595",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "A07B66E0-A679-4912-8CB1-CD134713EDC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r10:*:*:*:*:*:*",
              "matchCriteriaId": "BF767F07-2E9F-4099-829D-2F70E85D8A35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r11:*:*:*:*:*:*",
              "matchCriteriaId": "B994E22B-8FA5-4510-82F6-7820BDA7C307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r12:*:*:*:*:*:*",
              "matchCriteriaId": "FE5C4ABC-2BEB-4741-95B3-303903369818",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r13:*:*:*:*:*:*",
              "matchCriteriaId": "D50C5526-F791-4C76-B5C0-DA2E1281C9E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r14:*:*:*:*:*:*",
              "matchCriteriaId": "7A53C031-E7A5-47B6-BA4A-DD28432E743F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r15:*:*:*:*:*:*",
              "matchCriteriaId": "4BEE355B-1C2D-4BEB-8922-EAEAA5A1FAE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r16:*:*:*:*:*:*",
              "matchCriteriaId": "B90687F3-A5C1-4706-AD66-D78EE512E4C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r17:*:*:*:*:*:*",
              "matchCriteriaId": "D10A3F2D-6A62-4A48-93FB-274527C821D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r18:*:*:*:*:*:*",
              "matchCriteriaId": "811C7E7E-89AB-47DF-BACD-ED478DF756BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "6D37A6E4-D58E-444D-AF6A-15461F38E81A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "FC2B9DA0-E32B-4125-9986-F0D3814C66E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "C9A5BA3E-D6B3-453D-8DDF-FF16859FD0F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "6BE937D2-8BEE-4E64-8738-F550EAD00F50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "9C753520-1BC6-4980-AFC9-4C2FDDF2FD18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AC3863BC-3B9A-402B-A74A-149CDF717EC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r8:*:*:*:*:*:*",
              "matchCriteriaId": "E3C09D51-FDA0-4D07-87D8-F527C8CBDAFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r9:*:*:*:*:*:*",
              "matchCriteriaId": "092DA2A3-5CEF-433F-8E5B-4850E4095CC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "943AE706-D105-4F10-9CEE-DFED2B398BE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "97BA5833-4D1C-49FE-AED1-C05739C70D9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF784115-7006-49AE-96B9-E983936733B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F070F30-4AFE-4A02-843D-702F08F29630",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BC6B43E-6BBF-421A-9F9C-41FEBA72712B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "EED7C69C-6F3E-442E-BEBE-57E14AA2165F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An XML entity expansion or XEE vulnerability in SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated attacker to send specially crafted XML requests in-order-to temporarily cause resource exhaustion thereby resulting in a limited-time DoS. "
    },
    {
      "lang": "es",
      "value": "Una expansi\u00f3n de entidad XML o vulnerabilidad XEE en el componente SAML de Ivanti Connect Secure (9.x, 22.x) e Ivanti Policy Secure permite que un atacante no autenticado env\u00ede solicitudes XML especialmente manipuladas para causar temporalmente el agotamiento de los recursos, lo que resulta en una DoS por tiempo limitado."
    }
  ],
  "id": "CVE-2024-22023",
  "lastModified": "2024-11-21T08:55:25.000",
  "metrics": {
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "support@hackerone.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-04-04T20:15:08.130",
  "references": [
    {
      "source": "support@hackerone.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US"
    }
  ],
  "sourceIdentifier": "support@hackerone.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-476"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-703"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

CVE-2024-22023 (GCVE-0-2024-22023)

Vulnerability from cvelistv5 – Published: 2024-04-04 19:45 – Updated: 2024-10-03 21:38

Summary

Severity ?

5.3 (Medium)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE

CWE-703 - Improper Check or Handling of Exceptional Conditions

Assigner

hackerone

References

URL

Tags

https://forums.ivanti.com/s/article/New-CVE-2024-…

Impacted products

Vendor

Product

Version

Ivanti

Connect Secure

Affected: 22.1R6.2 , < 22.1R6.2 (semver)
Affected: 22.2R4.2 , < 22.2R4.2 (semver)
Affected: 22.3R1.2 , < 22.3R1.2 (semver)
Affected: 22.4R1.2 , < 22.4R1.2 (semver)
Affected: 22.4R2.4 , < 22.4R2.4 (semver)
Affected: 22.5R1.3 , < 22.5R1.3 (semver)
Affected: 22.5R2.4 , < 22.5R2.4 (semver)
Affected: 22.6R2.3 , < 22.6R2.3 (semver)
Affected: 9.1R14.6 , < 9.1R14.6 (semver)
Affected: 9.1R15.4 , < 9.1R15.4 (semver)
Affected: 9.1R16.4 , < 9.1R16.4 (semver)
Affected: 9.1R17.4 , < 9.1R17.4 (semver)
Affected: 9.1R18.5 , < 9.1R18.5 (semver)

Ivanti

Policy Secure

Affected: 22.4R1.2 , < 22.4R1.2 (semver)
Affected: 22.5R1.3 , < 22.5R1.3 (semver)
Affected: 22.6R1.2 , < 22.6R1.2 (semver)
Affected: 9.1R16.4 , < 9.1R16.4 (semver)
Affected: 9.1R17.4 , < 9.1R17.4 (semver)
Affected: 9.1R18.5 , < 9.1R18.5 (semver)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "connect_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "status": "affected",
                "version": "9.1R18.5"
              },
              {
                "status": "affected",
                "version": "22.6R2.3"
              },
              {
                "status": "affected",
                "version": "9.1R17.4"
              },
              {
                "status": "affected",
                "version": "22.2R3"
              },
              {
                "status": "affected",
                "version": "22.5R2.4"
              },
              {
                "status": "affected",
                "version": "9.1R14.6"
              },
              {
                "status": "affected",
                "version": "9.1R15.4"
              },
              {
                "status": "affected",
                "version": "22.2R4.2"
              },
              {
                "status": "affected",
                "version": "22.4R1.2"
              },
              {
                "status": "affected",
                "version": "22.6R1.2"
              },
              {
                "status": "affected",
                "version": "22.1R6.2"
              },
              {
                "status": "affected",
                "version": "22.3R1.2"
              },
              {
                "status": "affected",
                "version": "22.4R2.4"
              },
              {
                "status": "affected",
                "version": "22.5R1.3"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "policy_secure",
            "vendor": "ivanti",
            "versions": [
              {
                "status": "affected",
                "version": "22.4R1.2"
              },
              {
                "status": "affected",
                "version": "22.5R1.3"
              },
              {
                "status": "affected",
                "version": "22.6R1.2"
              },
              {
                "status": "affected",
                "version": "9.1R16.4"
              },
              {
                "status": "affected",
                "version": "9.1R17.4"
              },
              {
                "status": "affected",
                "version": "9.1R18.5"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-22023",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-05T13:19:01.057408Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-703",
                "description": "CWE-703 Improper Check or Handling of Exceptional Conditions",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-03T21:38:58.416Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T22:35:34.713Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Connect Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "lessThan": "22.1R6.2",
              "status": "affected",
              "version": "22.1R6.2",
              "versionType": "semver"
            },
            {
              "lessThan": "22.2R4.2",
              "status": "affected",
              "version": "22.2R4.2",
              "versionType": "semver"
            },
            {
              "lessThan": "22.3R1.2",
              "status": "affected",
              "version": "22.3R1.2",
              "versionType": "semver"
            },
            {
              "lessThan": "22.4R1.2",
              "status": "affected",
              "version": "22.4R1.2",
              "versionType": "semver"
            },
            {
              "lessThan": "22.4R2.4",
              "status": "affected",
              "version": "22.4R2.4",
              "versionType": "semver"
            },
            {
              "lessThan": "22.5R1.3",
              "status": "affected",
              "version": "22.5R1.3",
              "versionType": "semver"
            },
            {
              "lessThan": "22.5R2.4",
              "status": "affected",
              "version": "22.5R2.4",
              "versionType": "semver"
            },
            {
              "lessThan": "22.6R2.3",
              "status": "affected",
              "version": "22.6R2.3",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R14.6",
              "status": "affected",
              "version": "9.1R14.6",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R15.4",
              "status": "affected",
              "version": "9.1R15.4",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R16.4",
              "status": "affected",
              "version": "9.1R16.4",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R17.4",
              "status": "affected",
              "version": "9.1R17.4",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R18.5",
              "status": "affected",
              "version": "9.1R18.5",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Policy Secure",
          "vendor": "Ivanti",
          "versions": [
            {
              "lessThan": "22.4R1.2",
              "status": "affected",
              "version": "22.4R1.2",
              "versionType": "semver"
            },
            {
              "lessThan": "22.5R1.3",
              "status": "affected",
              "version": "22.5R1.3",
              "versionType": "semver"
            },
            {
              "lessThan": "22.6R1.2",
              "status": "affected",
              "version": "22.6R1.2",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R16.4",
              "status": "affected",
              "version": "9.1R16.4",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R17.4",
              "status": "affected",
              "version": "9.1R17.4",
              "versionType": "semver"
            },
            {
              "lessThan": "9.1R18.5",
              "status": "affected",
              "version": "9.1R18.5",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An XML entity expansion or XEE vulnerability in SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated attacker to send specially crafted XML requests in-order-to temporarily cause resource exhaustion thereby resulting in a limited-time DoS. "
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          }
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-04T19:45:10.162Z",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "url": "https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2024-22023",
    "datePublished": "2024-04-04T19:45:10.162Z",
    "dateReserved": "2024-01-04T01:04:06.574Z",
    "dateUpdated": "2024-10-03T21:38:58.416Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

FKIE_CVE-2024-22023

CVE-2024-22023 (GCVE-0-2024-22023)

Tags

Sightings

Nomenclature