CVE-2024-21893
Ivanti Connect Secure, Policy Secure, and Neurons - [Actively Exploited]
Description
A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication.
INFO
Published Date :
Jan. 31, 2024, 6:15 p.m.
Last Modified :
Nov. 29, 2024, 3:16 p.m.
Source :
[email protected]
Remotely Exploitable :
Yes !
Impact Score :
4.2
Exploitability Score :
3.9
CISA KEV (Known Exploited Vulnerabilities)
For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild.
Ivanti Connect Secure (ICS, formerly known as Pulse Connect Secure), Ivanti Policy Secure, and Ivanti Neurons contain a server-side request forgery (SSRF) vulnerability in the SAML component that allows an attacker to access certain restricted resources without authentication.
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US; https://nvd.nist.gov/vuln/detail/CVE-2024-21893
Public PoC/Exploit Available at Github
CVE-2024-21893 has a 12 public PoC/Exploit
available at Github.
Go to the Public Exploits
tab to see the list.
Affected Products
The following products are affected by CVE-2024-21893
vulnerability.
Even if cvefeed.io
is aware of the exact versions of the
products
that
are
affected, the information is not represented in the table below.
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth
information, practical solutions, and valuable tools related to
CVE-2024-21893
.
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
CLI utility to query Shodan's CVE DB
cve-search shodan shodan-client
Go
此项目的POC来源为2024年以来各大威胁情报的高危漏洞复现,POC已通过nuclei或xray武器化,本项目旨在为网络安全爱好者们提供一点参考资料,可供个人研究使用,共勉
Shell Batchfile Python ASP.NET Java Classic ASP PHP
This repository is dedicated to specific tasks aimed at improving threat detection, analysis, and mitigation capabilities within the scope of Siber Koza's CTI Platform Project, on a weekly basis.
Python
A curated list of CVEs, respective PoC and a docker/vm to test it.
Python Dockerfile HTML CSS
A curated list of all the CVEs, the respective PoC if found and a docker/vm to test it.
Python Dockerfile HTML CSS
Invanti VPN Vulnerabilities for Jan - Feb 2024 - Links to Keep it all Organized
CVE-2024-21893 to CVE-2024-21887 Exploit Toolkit
Python
CVE-2024-21893: SSRF Vulnerability in Ivanti Connect Secure
Python
Mitigation validation utility for the Ivanti Connect Around attack chain. Runs multiple checks. CVE-2023-46805, CVE-2024-21887.
Python
Collect some iot-related security articles, including vulnerability analysis, security conferences and papers, etc.
iot-security
Ostorlab KEV: One-command to detect most remotely known exploitable vulnerabilities. Sourced from CISA KEV, Google's Tsunami, Ostorlab's Asteroid and Bug Bounty programs.
cisa-kev vulnerability 0day cisa exploits
📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.
security cve exploit poc vulnerability
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2024-21893
vulnerability anywhere in the article.
- The Cyber Express
December 2024 Cyble Report: Malware, Phishing, and IoT Vulnerabilities on the Rise
The latest Sensor Intelligence Report from Cyble, dated December 4–10, 2024, sheds light on a troubling increase in cyber threats, including malware intrusions, phishing scams, and attacks targeting v ... Read more
- The Cyber Express
Microsoft December Patch Tuesday 2024: 71 Vulnerabilities Addressed, Including Critical Zero-Day Flaws
Microsoft’s December Patch Tuesday update, the last one of 2024, addresses a massive number of vulnerabilities, including 71 newly identified flaws across various products. As part of the regular Dece ... Read more
- The Cyber Express
Head Mare Targets Russian Orgs with Hidden LNK Files, Ransomware
Cyble researchers have detected a new campaign targeting Russia by the hacktivist group Head Mare that uses a disguised LNK file to hide an executable. The campaign is also noteworthy for its ability ... Read more
- The Cyber Express
Is Your QNAP NAS Secure? Critical Patches Released for Major Vulnerabilities
QNAP NAS systems, widely regarded for their reliability in personal and enterprise data storage, have recently come under scrutiny due to multiple critical vulnerabilities. These QNAP NAS vulnerabilit ... Read more
- The Cyber Express
CVE-2024-11205: WPForms Plugin Vulnerability Exposes 6 Million WordPress Sites to Financial Risk
A critical vulnerability, identified as CVE-2024-11205, was discovered in the WPForms plugin, a popular WordPress form builder used by over 6 million active websites. This vulnerability, which has bee ... Read more
- The Cyber Express
CERT-In Reports Security Flaw in Tinxy App: Upgrade Now to Stay Safe
The Indian Computer Emergency Response Team (CERT-In), the national nodal agency for responding to cybersecurity threats, has issued a vulnerability note (CIVN-2024-0355) highlighting an information d ... Read more
- The Cyber Express
Critical Veeam Vulnerabilities Expose Service Provider Console to Cyber Risks
Veeam has published a critical advisory regarding severe vulnerabilities affecting its Veeam Service Provider Console (VSPC), particularly impacting version 8.1.0.21377 and earlier builds from version ... Read more
- The Cyber Express
CISA Adds Three Critical Vulnerabilities to KEV Catalog: Immediate Action Urged
The Cybersecurity and Infrastructure Security Agency (CISA) recently updated its Known Exploited Vulnerabilities (KEV) Catalog, adding three critical vulnerabilities that are being actively exploited ... Read more
- The Cyber Express
Critical ICS Vulnerabilities Discovered in Schneider Electric, mySCADA, and Automated Logic Products
A recent Cyble ICS vulnerabilities report sheds light on several critical vulnerabilities in industrial control systems (ICS) from major vendors including Schneider Electric, mySCADA, and Automated Lo ... Read more
- The Cyber Express
Zyxel Firewalls Targeted by Helldown Ransomware: CVE-2024-11667 Exploited
Zyxel Firewalls have become a key target in recent cyberattacks, with attackers exploiting a critical vulnerability to deploy the dangerous Helldown ransomware. The German CERT (CERT-Bund) has issued ... Read more
- The Cyber Express
Australia’s New Cyber Security Act: Mandatory Ransom Payment Reporting
The Australian government has passed the new Cyber Security Act, which was recently approved by Parliament. One of the most critical provisions of this new law mandates that organizations must report ... Read more
- The Cyber Express
Critical Flaw in Oracle Agile PLM Framework Exposes Sensitive Data: Patch Now
Oracle’s Agile Product Lifecycle Management (PLM) software has been flagged for a security vulnerability (CVE-2024-21287) by CERT-In (Computer Emergency Response Team – India). The vulnerability, cata ... Read more
- The Cyber Express
Hackers Exploit Firefox and Windows Flaws: RomCom’s Advanced Attack Unveiled
A Russia-aligned hacking group, known as RomCom (also identified as Storm-0978, Tropical Scorpius, or UNC2596), has successfully exploited two zero-day vulnerabilities—one in Mozilla Firefox and anoth ... Read more
- The Cyber Express
AI Red Teaming in Focus: Why CISA Advocates a Secure by Design Approach
Artificial Intelligence (AI) has become a critical enabler across sectors, reshaping industries from healthcare to transportation. However, with its transformative potential comes a spectrum of safety ... Read more
- The Cyber Express
CISA Adds Array Networks’ CVE-2023-28461 to KEV List: Critical Patching Urged
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently added a critical security flaw, CVE-2023-28461, to its Known Exploited Vulnerabilities (KEV) catalog. This vulnerability i ... Read more
- The Cyber Express
Apple Security Update: Addressing Critical Vulnerabilities in Apple Software
Apple recently rolled out a security update that addresses critical vulnerabilities in multiple Apple devices. Released on November 19, the Apple security update impacts various platforms, including i ... Read more
- The Cyber Express
Palo Alto Reports Two More Bugs in PAN-OS That Are Being Actively Exploited
An alarming set of chained vulnerabilities in Palo Alto Networks’ PAN-OS software has sparked concerns that attackers could seize administrator privileges through an authentication bypass. The first v ... Read more
- The Cyber Express
High-Severity Vulnerability in Cisco ECE Could Lead to Denial of Service, CERT-In Issues Alert
The Computer Emergency Response Team of India (CERT-In) has issued a high-severity alert regarding a newly identified vulnerability in Cisco’s Enterprise Chat and Email (ECE) platform. Tagged as CERT- ... Read more
- The Cyber Express
Key ICS Vulnerabilities Identified in Latest CISA Advisories
The Cybersecurity and Infrastructure Security Agency (CISA) has recently issued a series of security advisories, shedding light on several critical vulnerabilities affecting Industrial Control Systems ... Read more
- The Cyber Express
CISA Alerts: Five Newly Exploited Vulnerabilities Added to Critical Watchlist
The Cybersecurity and Infrastructure Security Agency (CISA) has announced the addition of five new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog due to evidence of their active ... Read more
- The Cyber Express
Top 15 Exploited Cyber Vulnerabilities Revealed: Five Eyes Alliance Urges Immediate Patching
The FBI, NSA, and allied agencies within the Five Eyes intelligence network have published a list of the 15 most exploited vulnerabilities from 2023. The cybersecurity advisory, a collaborative effort ... Read more
- The Cyber Express
Microsoft’s November 2024 Patch Tuesday Addresses 91 Vulnerabilities, Including Four Critical Zero-Days
Microsoft rolled out its monthly security updates as part of the Microsoft November 2024 Patch Tuesday cycle. The company addressed a total of 91 vulnerabilities, with four of them being classified as ... Read more
- The Cyber Express
HPE Issues Urgent Patches for Critical Vulnerabilities in Aruba Networking Access Points
Hewlett Packard Enterprise (HPE) has issued critical security patches to address several vulnerabilities affecting its Aruba Networking Access Point products. These vulnerabilities (CVE-2024-42509 and ... Read more
- The Cyber Express
Google Chrome Users at Risk: CERT-In Advises Urgent Update to Fix Security Flaws
The Indian Computer Emergency Response Team (CERT-In) has issued a warning about newly discovered vulnerabilities in Google Chrome that could pose significant risks to users. These vulnerabilities, id ... Read more
- The Cyber Express
Critical WPLMS WordPress Theme Vulnerability Puts Websites at Risk of RCE Attacks
A newly discovered vulnerability in the WPLMS WordPress theme threatens websites with potential Remote Code Execution (RCE) due to a critical path traversal flaw. CVE-2024-10470, a vulnerability in th ... Read more
- The Cyber Express
D-Link to Not Fix Critical Bug Found in End-of-Life NAS Devices
A severe security flaw in outdated D-Link network-attached storage (NAS) devices leaves over 61,000 units exposed online with no patches. Researchers have identified a command injection vulnerability ... Read more
- The Cyber Express
CISA Warns of Critical Vulnerabilities in Industrial Control Systems Affecting Key Infrastructure Sectors
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued multiple advisories alerting the public to critical vulnerabilities affecting industrial control systems (ICS) equipment deploye ... Read more
- The Cyber Express
CISA Alerts Fed Agencies of Active Exploitation of Palo Alto Networks’ CVE-2024-5910
A missing authentication flaw in Palo Alto Networks’ Expedition tool now jeopardizes firewall configurations across sectors, with attackers actively exploiting this vulnerability in the wild. The U.S. ... Read more
- The Cyber Express
Critical Command Injection Vulnerability Hits Cisco’s Wireless Backhaul Devices
Cisco’s Unified Industrial Wireless Software for Ultra-Reliable Wireless Backhaul (URWB) Access Points contain a severe vulnerability that potentially allows attackers to execute commands with root pr ... Read more
- The Cyber Express
Google Addresses Two Android Zero-Days Used in Targeted Attacks
In its November security update, Google has patched two critical Android zero-days actively exploited in targeted attacks, along with 49 additional vulnerabilities. Google flagged these zero-day flaws ... Read more
- The Cyber Express
Critical ICS Vulnerabilities Exposed: CISA Advisories Urge Immediate Action
Cyble Research & Intelligence Labs (CRIL) has released a new report focusing on critical Industrial Control System (ICS) vulnerabilities, with insights derived from recent advisories issued by the Cyb ... Read more
- The Cyber Express
CISA Flags Critical Security Flaws in PTZOptics Cameras, Urges Swift Action by Federal Agencies
The Cybersecurity and Infrastructure Security Agency (CISA) has added two newly discovered vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog following confirmed reports of active ex ... Read more
- The Cyber Express
FortiManager May Still Be Vulnerable Despite ‘FortiJump’ Patch
The ‘FortiJump’ vulnerability in Fortinet’s FortiManager management platform may not have been completely fixed by the company’s patch issued last month. A screen recording posted to X (formerly known ... Read more
- The Cyber Express
Cyble Warns of Escalating Cyber Risks in IoT and WordPress Plugins Amid Phishing Surge
In the latest edition of Cyble’s weekly sensor intelligence report, cybersecurity experts revealed a concerning surge in attacks targeting the LightSpeed Cache and GutenKit WordPress plugins. As the r ... Read more
- The Cyber Express
New Vulnerabilities in Fortinet, SonicWall, and Grafana Pose Significant Risks
Cyble Research and Intelligence Labs (CRIL) has identified new IT vulnerabilities affecting Fortinet, SonicWall, Grafana Labs, and CyberPanel, among others. The report for the week of October 23-29 hi ... Read more
- The Cyber Express
Nearly 1 Million Vulnerable Fortinet, SonicWall Devices Exposed to the Web
Nearly 1 million Fortinet and SonicWall devices with actively exploited vulnerabilities are exposed on the internet, according to Cyble’s weekly vulnerability report published today. The report also l ... Read more
- The Cyber Express
Apple Silences the Critics: visionOS 2.1 Plugs Major Security Holes
Apple has launched the highly anticipated visionOS 2.1 update for its innovative mixed reality headset, the Apple Vision Pro. This update is particularly important as it addresses a range of Apple Vis ... Read more
- The Cyber Express
IoT Vulnerabilities Exposed: Philips Smart Bulbs Pose Risks to Home Wi-Fi Security
In an era where the Internet of Things (IoT) promises convenience and efficiency, the rapid adoption of smart home technology comes with hidden security risks. From smart fridges to light bulbs, IoT d ... Read more
- The Cyber Express
‘I’m not a Robot’ reCAPTCHA Trojanized by Russian Hackers to Target Local Ukrainian Government
Ukraine is confronting a new cyberattack vector from Russian military intelligence (GRU) connected hackers that is targeting local governments. The Computer Emergency Response Team of Ukraine (CERT-UA ... Read more
- The Cyber Express
Cisco Patches Critical Vulnerability Affecting VPN Services
Cisco Systems released a critical advisory regarding a vulnerability in the Remote Access VPN (RAVPN) service associated with its Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) s ... Read more
- The Cyber Express
Cyble Sensors Uncover Cyberattacks on Java Framework and IoT Devices
Cyble vulnerability intelligence unit has shared a report, detailing the recent cyberattacks on the Spring Java framework and hundreds of thousands of Internet of Things (IoT) devices. The report shed ... Read more
- The Cyber Express
High-Risk ICS Vulnerability Exposes ICONICS and Mitsubishi Electric Products to Data Breaches
The Cybersecurity and Infrastructure Security Agency (CISA), on October 22, 2024, issued a new advisory targeting Industrial Control Systems (ICS). One of the most significant vulnerabilities highligh ... Read more
- The Cyber Express
Multiple High-Severity Vulnerabilities Found in Bitdefender Products: Patch Now
Bitdefender has recently alerted users to critical vulnerabilities within Bitdefender Total Security and SafePay, necessitating immediate action to protect against online threats. These Bitdefender vu ... Read more
- The Cyber Express
Splunk’s Recent Security Advisory: Addressing Vulnerabilities in Splunk Enterprise
Splunk has recently issued a security advisory aimed at addressing multiple vulnerabilities within its Splunk Enterprise software. The advisory categorizes these Splunk vulnerabilities into three main ... Read more
- The Cyber Express
CVE-2024-9537: CISA Warns of Unpatched ScienceLogic SL1 Exploit in Active Use
U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog-CVE-2024-9537. This vulnerability affects ScienceLogic SL1 ( ... Read more
- The Cyber Express
Dumbest Thing in Security This Week: The Most Exploited Vulnerability Is…
Cyble’s weekly sensor report is an always fascinating look at the vulnerabilities that threat actors are actively exploiting. While new vulnerabilities are quickly exploited, older ones are still expl ... Read more
- The Cyber Express
Critical Vulnerability in Kubernetes Image Builder Exposes Nodes to Root Access
A new security risk has emerged in the Kubernetes Image Builder, posing a critical threat to organizations that utilize this tool for managing their containerized environments. The Kubernetes Image Bu ... Read more
- The Cyber Express
GitHub Issues Urgent Security Advisory on Critical Vulnerability in GitHub Enterprise Server
GitHub has released a critical security advisory highlighting vulnerabilities that merit immediate action from users of GitHub Enterprise Server (GHES). The advisory focuses on a GitHub vulnerability ... Read more
- The Cyber Express
Critical Veeam Vulnerability CVE-2024-40711 Exploited by Ransomware Groups
Veeam has addressed a severe vulnerability in its widely utilized Backup & Replication tool, CVE-2024-40711. This critical flaw has a staggering Common Vulnerability Scoring System (CVSS) score of 9.8 ... Read more
- The Cyber Express
SolarWinds, Firefox, Windows Face Active Exploitation: CISA Issues Urgent Warning
The Cybersecurity and Infrastructure Security Agency (CISA) has recently added three vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, emphasizing the pressing need for organizatio ... Read more
- The Cyber Express
Cyble Sensors Uncover Cyberattacks Targeting Key Vulnerabilities
Cyble’s Vulnerability Intelligence unit has spotlighted a series of cyberattacks targeting critical vulnerabilities in various software systems, including the Ruby SAML library, D-Link NAS devices, an ... Read more
- The Cyber Express
Adobe Security Alert: Update Software Now to Protect Against Exploits
Adobe announced a series of important security updates aimed at addressing several vulnerabilities across its product suite. These vulnerabilities could potentially allow cybercriminals to execute arb ... Read more
- The Cyber Express
Microsoft Patches 117 CVEs: Focus on Critical and Zero-Day Threats
Microsoft has released the October 2024 Patch Tuesday, addressing a total of 117 Common Vulnerabilities and Exposures (CVEs). This month’s Microsoft Patch Tuesday update includes three vulnerabilities ... Read more
- The Cyber Express
Progress Telerik, Cisco, QNAP and Linux Under Attack: Cyble Honeypot Sensors
Cyble’s Vulnerability Intelligence unit has detected cyberattacks on several key IT products and systems, as threat actors have been quick to exploit vulnerabilities and enterprises slow to patch them ... Read more
- The Cyber Express
Qualcomm Addresses DSP Vulnerability CVE-2024-43047, Urges Users to Patch Devices
Qualcomm has released the latest security advisory for multiple vulnerabilities. Among them, a Qualcomm vulnerability, designated as CVE-2024-43047, has brought to light concerns surrounding the safet ... Read more
- The Cyber Express
Apple Patches iOS Security Flaw That Could Reveal Saved Passwords
Apple has released new updates for iOS and iPadOS to fix two important security problems affecting many iPhone and iPad models. These Apple updates, now available as iOS 18.0.1 and iPadOS 18.0.1, fix ... Read more
- The Cyber Express
The Week’s Top Vulnerabilities: Cyble Urges Fixes for NVIDIA, Adobe, CUPS
Cyble researchers had a busy week, investigating 19 vulnerabilities in the week ended Oct.1 and flagging eight of them as high priority. Cyble’s weekly IT vulnerability report also noted that research ... Read more
- The Cyber Express
Hackers Exploit Ivanti Endpoint Manager Flaw—Are You at Risk?
The Cybersecurity and Infrastructure Security Agency (CISA) has alerted organizations about an active exploitation of a vulnerability in Ivanti Endpoint Manager (EPM). This critical flaw, tracked as C ... Read more
- The Cyber Express
Google Addresses Critical Baseband Flaws, Strengthens Pixel Defenses
Google recently addressed a flaw within cellular modem vulnerabilities that can pose risk to smartphone users. The cellular baseband is responsible for handling all cellular communications, including ... Read more
- The Cyber Express
‘Embarrassingly Bad’ Zimbra RCE Vulnerability Under Active Attack. Patch Now.
A critical remote code execution (RCE) vulnerability in Zimbra email servers is under active attack, and users are urged to patch immediately. Zimbra is already a popular target for hackers – CISA’s K ... Read more
- The Cyber Express
86% of Users Neglect Critical Router Security, Says Latest Survey
It is not just enough to surf the internet, but equally important to safeguard its boundaries. However, a latest survey has exposed the knowledge and preparedness of internet users. It was found that ... Read more
- The Cyber Express
Critical Vulnerability in NVIDIA Container Toolkit Poses Risks to Cloud Environments
A new vulnerability in NVIDIA’s software impacts over 35% of cloud environments. The NVIDIA vulnerability, designated as CVE-2024-0132, is linked to the NVIDIA Container Toolkit, a widely utilized fra ... Read more
- The Cyber Express
Apex Softcell Vulnerability: CERT-In Issues Critical Warning for Users
The Indian Computer Emergency Response Team (CERT-In) has reported multiple high-severity vulnerabilities in Apex Softcell’s mobile stock trading and back-office platforms. The Apex Softcell vulnerabi ... Read more
- Help Net Security
Ivanti vTM auth bypass flaw exploited in attacks, CISA warns (CVE-2024-7593)
CVE-2024-7593, a critical authentication bypass vulnerability affecting Ivanti Virtual Traffic Manager (vTM) appliances, is actively exploited by attackers. The confirmation comes from the Cybersecuri ... Read more
- The Cyber Express
New Vulnerability in Microchip Advanced Software Framework Poses Risks
The CERT Coordination Center (CERT/CC) at Carnegie Mellon University issued a warning about a security flaw in the Microchip Advanced Software Framework (ASF). This Microchip vulnerability, tracked as ... Read more
- The Cyber Express
Versa Director Flaw Could Lead to API Attacks, Token Theft
Vulnerabilities in Versa Director are never a small matter, as the platform manages network configurations for Versa’s SD-WAN software – which is often used by internet service providers (ISPs) and ma ... Read more
- The Cyber Express
Quantum Computing: Revolutionizing Cybersecurity Risks and Solutions
Quantum computing revolutionizes various fields, leveraging the unique properties of quantum mechanics. Its impact on cybersecurity, however, presents both significant risks and opportunities. Traditi ... Read more
- The Cyber Express
Behind the Scenes: The Technical Details of Arc’s Recent Vulnerability
The Browser Company has announced a security vulnerability in the Arc browser, CVE-2024-45489. The Arc browser vulnerability was discovered on August 25, 2024, and was addressed within a day, ensuring ... Read more
- The Cyber Express
Iran’s Passive Backdoors Lurk in Middle Eastern Networks
UNC1860, an Iranian state-sponsored threat actor, has emerged as a formidable cyber force in the Middle East. Likely tied to Iran’s Ministry of Intelligence and Security (MOIS), UNC1860 group is known ... Read more
- The Cyber Express
5 New Vulnerabilities Added to CISA’s Known Exploited List: Urgent Action Required
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, highlighting the continued threat that these securit ... Read more
- The Cyber Express
U.S. Intelligence Agencies Say Chinese Botnet Compromised 260,000 Devices
U.S. intelligence agencies issued a warning today about a Chinese botnet that has compromised 260,000 devices around the globe, including small office/home office (SOHO) routers, firewalls, network-at ... Read more
- The Cyber Express
Apple Urges Users to Install iOS 18 to Fix 33 iPhone Vulnerabilities
Apple has officially released iOS 18, which is the latest software update for iPhones and iPads. While the software introduces exciting new features, the most critical part of this update lies in its ... Read more
- The Cyber Express
Cert-In Issues High Severity Warning for Android Users, Recommends Patching
The Indian Computer Emergency Response Team (CERT-In), functioning under the Ministry of Electronics and Information Technology, has issued a high-severity warning aimed at users operating Android OS ... Read more
- The Cyber Express
GitLab Issues Critical Patch Releases: Versions 17.3.2, 17.2.5, and 17.1.7 Address Key Vulnerabilities
GitLab has released critical patch updates across its Community Edition (CE) and Enterprise Edition (EE) to address security vulnerabilities and bugs. The GitLab critical patch release includes vital ... Read more
- Help Net Security
Ivanti fixes critical vulnerabilities in Endpoint Management (CVE-2024-29847)
Ivanti has fixed a slew of vulnerabilities affecting its Endpoint Manager solution, including a maximum severity one (CVE-2024-29847) that may allow unauthenticated attackers to remotely execute code ... Read more
- The Cyber Express
Microsoft September 2024 Patch Tuesday: Addressing 79 New Vulnerabilities and Product Updates
The second Tuesday of September has once again proven to be a significant date for cybersecurity with Microsoft’s latest Patch Tuesday update. This month’s release is dominated by a daunting array of ... Read more
- BleepingComputer
Ivanti fixes maximum severity RCE bug in Endpoint Management software
Ivanti has fixed a maximum severity vulnerability in its Endpoint Management software (EPM) that can let unauthenticated attackers gain remote code execution on the core server. Ivanti EPM helps admin ... Read more
- The Cyber Express
Don’t Delay: Patch LoadMaster Now to Avoid Exploitation
A security vulnerability, identified as CVE-2024-7591, has been disclosed affecting all versions of LoadMaster and the LoadMaster Multi-Tenant (MT) hypervisor. The LoadMaster vulnerability is critical ... Read more
- The Cyber Express
Critical Vulnerabilities Disclosed in IBM webMethods Integration Server
IBM has revealed several severe vulnerabilities within its webMethods Integration Server, a platform widely utilized for integration and API management. These IBM webMethods Integration vulnerabilitie ... Read more
- The Cyber Express
Critical RCE Vulnerability Patched in Apache OFBiz (CVE-2024-45195)
Popular open-source enterprise Resource Planning (ERP) system, Apache OFBiz, recently discovered harboring a critical Remote Code Execution (RCE) vulnerability. Tracked as CVE-2024-45195, the Apache O ... Read more
- The Cyber Express
Veeam Security Bulletin Fixes Critical Vulnerabilities for Backup & Replication, Veeam ONE and More
Veeam has published a new Security Bulletin addressing multiple critical vulnerabilities across its suite of products. The Veeam security bulletin, identified as KB ID: 4649, includes updates on Veeam ... Read more
- The Cyber Express
High-Risk Vulnerabilities Discovered in Zyxel Firewalls: What You Need to Know
Zyxel Networks has recently issued a critical alert regarding several high-risk vulnerabilities affecting their firewall products. This warning comes as part of a broader security advisory that highli ... Read more
- The Cyber Express
CERT-IN Warns About Critical Vulnerabilities in Palo Alto Networks Applications
The Indian Computer Emergency Response Team (CERT-IN) has issued advisories regarding critical vulnerabilities affecting several Palo Alto Networks applications. These vulnerabilities could allow atta ... Read more
- The Cyber Express
Canonical Addresses Critical Linux Kernel AWS Vulnerabilities with New Patches
Canonical has rolled out essential security updates for Ubuntu, addressing multiple Linux kernel vulnerabilities that also impact Amazon Web Services (AWS). These issues, which involve race conditions ... Read more
- The Cyber Express
Cyberattack Hits Shoshone-Bannock Tribes: Key Services Unaffected, Recovery in Progress
The Shoshone-Bannock Tribes have confirmed a cybersecurity incident that disrupted their operations on the Fort Hall Reservation in Idaho. The Shoshone-Bannock Tribes cyberattack, reported on August 2 ... Read more
- The Cyber Express
North Korean Hackers Exploited Chromium Zero-Day to Deploy Rootkit
In a recent attack, a North Korean threat actor leveraged a zero-day vulnerability in Google’s Chromium browser to deploy the FudModule rootkit, targeting cryptocurrency firms for financial gain. Micr ... Read more
- The Cyber Express
Cyberespionage Threat: APT-C-60 Targets East Asia with SpyGlace
A sophisticated cyberespionage campaign targeting East Asian countries has been uncovered, with the APT-C-60 group exploiting a zero-day vulnerability in WPS Office to deploy the notorious SpyGlace ba ... Read more
- The Cyber Express
Critical Vulnerabilities in Progress Software’s WhatsUp Gold Expose Systems to Severe Risks
Recent security findings reveal that Progress Software’s WhatsUp Gold, a prominent enterprise network monitoring and management solution, harbors significant vulnerabilities that could lead to full sy ... Read more
- The Cyber Express
Massive Mirai Botnet Exploited Zero-Day Vulnerability in AVTECH Cameras
Researchers have discovered a botnet campaign that is exploiting several vulnerabilities, including a zero-day vulnerability (CVE-2024-7029) in AVTECH closed-circuit television (CCTV) cameras that cou ... Read more
- The Cyber Express
Russian State Hackers Using Exploits ‘Strikingly Similar’ to Spyware Vendors NSO and Intellexa
Google has identified a connection between Russian state hackers and exploits that bear an “identical or strikingly similar” resemblance to those created by spyware companies NSO Group and Intellexa, ... Read more
- The Cyber Express
Iranian State Hackers Act as Access Brokers for Ransomware Gangs, Target U.S. and Allies’ Critical Infrastructure
A shadowy group of Iranian cyber actors is acting as access brokers for ransomware gangs and collaborating with affiliates to target the U.S. and its allies, exploiting vulnerabilities across sectors ... Read more
- The Cyber Express
Critical Apache OFBiz Vulnerability CVE-2024-38856 Identified and Actively Exploited
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has flagged a security vulnerability affecting Apache OFBiz, the open-source enterprise resource planning (ERP) system. This Apache OFB ... Read more
- The Cyber Express
Critical WPML Plugin Flaw Exposes Millions of WordPress Sites to Remote Code Execution
A critical vulnerability has been discovered in the WPML (WordPress Multilingual) plugin, exposing millions of WordPress websites to potential Remote Code Execution (RCE) attacks. This WPML Plugin Fla ... Read more
- The Cyber Express
Versa Director Zero-Day Attack: A Non-Critical Vulnerability with Low Exposure Can Still Be Trouble
A zero-day vulnerability in Versa Director servers is proof that a vulnerability doesn’t require a critical severity rating and thousands of exposures to do significant damage. CVE-2024-39717, announc ... Read more
- The Cyber Express
Critical Chrome Zero-Day Vulnerability (CVE-2024-7965) Requires Immediate User Action
Google recently addressed a critical zero-day vulnerability in its Chrome browser, identified as CVE-2024-7965. This high-severity flaw, affecting versions of Chrome prior to 128.0.6613.84, has been a ... Read more
- The Cyber Express
Critical Remote Code Execution Vulnerability Addressed in GiveWP Plugin
The GiveWP plugin, a widely used donation and fundraising tool for WordPress, has recently undergone a crucial update to address a severe security flaw. This GiveWP vulnerability, discovered by the re ... Read more
- BleepingComputer
Ivanti warns of critical vTM auth bypass with public exploit
Today, Ivanti urged customers to patch a critical authentication bypass vulnerability impacting Virtual Traffic Manager (vTM) appliances that can let attackers create rogue administrator accounts. Iv ... Read more
The following table lists the changes that have been made to the
CVE-2024-21893
vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
-
Modified Analysis by [email protected]
Nov. 29, 2024
Action Type Old Value New Value Changed CPE Configuration OR *cpe:2.3:a:ivanti:connect_secure:9.0:-:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r2.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r3:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r3.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r3.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r3.3:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r3.5:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r4:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r4.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r5.0:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r6.0:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r10:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r11:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r11.3:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r11.4:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r11.5:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r12:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r12.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r13:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r13.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r14:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r15:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r15.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r16:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r16.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r17:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r17.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r18:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r18.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r18.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r3:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r4:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r4.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r4.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r5:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r6:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r7:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r8:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r8.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r8.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r9:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r9.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:21.9:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:21.12:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.1:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.1:r6:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.2:-:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.2:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.3:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.4:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.4:r2.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.6:-:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.6:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.6:r2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.6:r2.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:neurons_for_zero-trust_access:-:*:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.0:-:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.0:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.0:r2:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.0:r2.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.0:r3:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.0:r3.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.0:r4:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r10:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r11:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r12:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r13:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r13.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r14:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r15:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r16:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r17:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r18:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r18.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r18.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r2:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r3:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r3.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r4:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r4.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r4.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r4.3:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r5:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r6:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r7:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r8:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r8.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r8.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r9:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.1:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.1:r6:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.2:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.2:r3:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.3:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.3:r3:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.4:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.4:r2:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.4:r2.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.5:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.6:r1:*:*:*:*:*:* OR *cpe:2.3:a:ivanti:connect_secure:9.0:-:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r2.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r3:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r3.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r3.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r3.3:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r3.5:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r4:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r4.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r5.0:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r6.0:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r10:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r11:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r11.3:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r11.4:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r11.5:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r12:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r12.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r13:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r13.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r14:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r15:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r15.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r16:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r16.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r17:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r17.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r18:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r18.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r18.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r3:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r4:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r4.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r4.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r5:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r6:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r7:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r8:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r8.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r8.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r9:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r9.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:21.9:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:21.12:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.1:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.1:r6:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.2:-:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.2:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.3:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.4:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.4:r2.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.6:-:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.6:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.6:r2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.6:r2.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.0:-:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.0:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.0:r2:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.0:r2.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.0:r3:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.0:r3.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.0:r4:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r10:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r11:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r12:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r13:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r13.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r14:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r15:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r16:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r17:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r18:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r18.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r18.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r2:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r3:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r3.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r4:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r4.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r4.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r4.3:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r5:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r6:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r7:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r8:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r8.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r8.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r9:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.1:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.1:r6:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.2:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.2:r3:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.3:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.3:r3:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.4:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.4:r2:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.4:r2.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.5:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.6:r1:*:*:*:*:*:* Added CPE Configuration OR *cpe:2.3:a:ivanti:neurons_for_zero-trust_access:-:*:*:*:*:*:*:* *cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.2:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.2:r4:*:*:*:*:*:* *cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.2:r5:*:*:*:*:*:* *cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.3:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.3:r4:*:*:*:*:*:* *cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.4:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.4:r3:*:*:*:*:*:* *cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.5:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.5:r1.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.6:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.6:r1.2:*:*:*:*:*:* -
CVE Modified by af854a3a-2127-422b-91ae-364da2661108
Nov. 21, 2024
Action Type Old Value New Value Added Reference https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US -
Modified Analysis by [email protected]
Aug. 14, 2024
Action Type Old Value New Value -
CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0
Jul. 03, 2024
Action Type Old Value New Value Added CWE CISA-ADP CWE-918 -
CVE Modified by [email protected]
May. 14, 2024
Action Type Old Value New Value -
CVE CISA KEV Update by 9119a7d8-5eab-497f-8521-727c672e3725
Feb. 01, 2024
Action Type Old Value New Value Added Date Added 2024-01-31 Added Required Action Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Added Due Date 2024-02-02 Added Vulnerability Name Ivanti Connect Secure, Policy Secure, and Neurons Server-Side Request Forgery (SSRF) Vulnerability -
Initial Analysis by [email protected]
Jan. 31, 2024
Action Type Old Value New Value Added CVSS V3.1 NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N Changed Reference Type https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US No Types Assigned https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US Vendor Advisory Added CWE NIST CWE-918 Added CPE Configuration OR *cpe:2.3:a:ivanti:connect_secure:9.0:-:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r2.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r3:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r3.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r3.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r3.3:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r3.5:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r4:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r4.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r5.0:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r6.0:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r10:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r11:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r11.3:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r11.4:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r11.5:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r12:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r12.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r13:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r13.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r14:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r15:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r15.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r16:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r16.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r17:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r17.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r18:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r18.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r18.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r3:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r4:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r4.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r4.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r5:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r6:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r7:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r8:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r8.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r8.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r9:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r9.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:21.9:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:21.12:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.1:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.1:r6:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.2:-:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.2:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.3:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.4:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.4:r2.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.6:-:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.6:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.6:r2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.6:r2.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:neurons_for_zero-trust_access:-:*:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.0:-:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.0:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.0:r2:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.0:r2.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.0:r3:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.0:r3.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.0:r4:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r10:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r11:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r12:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r13:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r13.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r14:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r15:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r16:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r17:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r18:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r18.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r18.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r2:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r3:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r3.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r4:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r4.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r4.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r4.3:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r5:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r6:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r7:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r8:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r8.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r8.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r9:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.1:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.1:r6:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.2:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.2:r3:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.3:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.3:r3:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.4:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.4:r2:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.4:r2.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.5:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.6:r1:*:*:*:*:*:* -
CVE Received by [email protected]
Jan. 31, 2024
Action Type Old Value New Value Added Description A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication. Added Reference HackerOne https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US [No types assigned] Added CVSS V3 HackerOne AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
CWE - Common Weakness Enumeration
While CVE identifies
specific instances of vulnerabilities, CWE categorizes the common flaws or
weaknesses that can lead to vulnerabilities. CVE-2024-21893
is
associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification
(CAPEC)
stores attack patterns, which are descriptions of the common attributes and
approaches employed by adversaries to exploit the CVE-2024-21893
weaknesses.
Exploit Prediction
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days.
95.82 }} -0.08%
score
0.99597
percentile