CVE-2024-21893
Ivanti Connect Secure, Policy Secure, and Neurons Server-Side Request Forgery (SSRF) Vulnerability - [Actively Exploited]
Description
A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication.
INFO
Published Date :
Jan. 31, 2024, 6:15 p.m.
Last Modified :
Nov. 29, 2024, 3:16 p.m.
Remotely Exploit :
Yes !
Source :
[email protected]
CISA KEV (Known Exploited Vulnerabilities)
For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild.
Ivanti Connect Secure (ICS, formerly known as Pulse Connect Secure), Ivanti Policy Secure, and Ivanti Neurons contain a server-side request forgery (SSRF) vulnerability in the SAML component that allows an attacker to access certain restricted resources without authentication.
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US; https://nvd.nist.gov/vuln/detail/CVE-2024-21893
Affected Products
The following products are affected by CVE-2024-21893
vulnerability.
Even if cvefeed.io is aware of the exact versions of the
products
that
are
affected, the information is not represented in the table below.
CVSS Scores
| Score | Version | Severity | Vector | Exploitability Score | Impact Score | Source |
|---|---|---|---|---|---|---|
| CVSS 3.0 | HIGH | [email protected] | ||||
| CVSS 3.1 | HIGH | [email protected] |
Solution
- Consult the vendor advisory for specific patch or upgrade instructions.
- Apply the recommended updates to address the vulnerability.
Public PoC/Exploit Available at Github
CVE-2024-21893 has a 17 public
PoC/Exploit available at Github.
Go to the Public Exploits tab to see the list.
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth
information, practical solutions, and valuable tools related to
CVE-2024-21893.
CWE - Common Weakness Enumeration
While CVE identifies
specific instances of vulnerabilities, CWE categorizes the common flaws or
weaknesses that can lead to vulnerabilities. CVE-2024-21893 is
associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification
(CAPEC)
stores attack patterns, which are descriptions of the common attributes and
approaches employed by adversaries to exploit the CVE-2024-21893
weaknesses.
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
None
Links of research blogs published by me.
None
None
HTML Python Shell
A curated list of all the CVEs, the respective PoC if found and a docker/vm to test it.
Python CSS HTML Dockerfile
CLI utility to query Shodan's CVE DB
cve-search shodan shodan-client
Go
此项目的POC来源为2024年以来各大威胁情报的高危漏洞复现,POC已通过nuclei或xray武器化,本项目旨在为网络安全爱好者们提供一点参考资料,可供个人研究使用,共勉
Shell Batchfile Python ASP.NET Java Classic ASP PHP
This repository is dedicated to specific tasks aimed at improving threat detection, analysis, and mitigation capabilities within the scope of Siber Koza's CTI Platform Project, on a weekly basis.
Python
A curated list of CVEs, respective PoC and a docker/vm to test it.
Python Dockerfile HTML CSS
A curated list of all the CVEs, the respective PoC if found and a docker/vm to test it.
Python Dockerfile HTML CSS
Invanti VPN Vulnerabilities for Jan - Feb 2024 - Links to Keep it all Organized
CVE-2024-21893 to CVE-2024-21887 Exploit Toolkit
Python
CVE-2024-21893: SSRF Vulnerability in Ivanti Connect Secure
Python
Mitigation validation utility for the Ivanti Connect Around attack chain. Runs multiple checks. CVE-2023-46805, CVE-2024-21887.
Python
Collect some iot-related security articles, including vulnerability analysis, security conferences and papers, etc.
iot-security
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2024-21893 vulnerability anywhere in the article.
-
CybersecurityNews
DragonForce Ransomware Attack Analysis – Targets, TTPs and IoCs
DragonForce represents a sophisticated and rapidly evolving ransomware operation that has emerged as a significant threat in the cybersecurity landscape since late 2023. Operating under a Ransomware-a ... Read more
-
Cyber Security News
DragonForce Ransomware Claimed To Compromise Over 120 Victims in The Past Year
DragonForce, a sophisticated ransomware operation that emerged in fall 2023, has established itself as a formidable threat in the cybercriminal landscape by claiming over 120 victims across the past y ... Read more
-
Daily CyberSecurity
DragonForce Ransomware Cartel Hits UK Retailers with Custom Payloads and Global Extortion Campaign
DragonForce affiliate panel | Image: SentinelOne A disturbing evolution in the ransomware ecosystem has been exposed by cybersecurity firm SentinelOne, which has published an in-depth analysis of the ... Read more
-
Cybersecurity News
DragonForce Ransomware Group Targets Saudi Arabia with Large-Scale Data Breach
Image: ResecurityThe DragonForce ransomware group has launched a major cyberattack against organizations in Saudi Arabia, marking its first known attack on a large KSA enterprise entity. The attack, d ... Read more
-
The Cyber Express
Microsoft Patch Tuesday for February Includes Two Zero Days Under Attack
Microsoft’s Patch Tuesday for February 2025 fixes four zero-day vulnerabilities, including two under active attack, plus another eight flaws judged to be at high risk of attack. In all, the Patch Tues ... Read more
-
The Cyber Express
Apple Patches Actively Exploited iOS Zero-Day CVE-2025-24200 in Emergency Update
Apple has issued emergency updates to fix a critical security flaw that is actively being exploited in iOS and iPadOS. On February 10, the tech giant released out-of-band security patches to address a ... Read more
-
The Cyber Express
CISA Flags Critical Trimble Cityworks Vulnerability (CVE-2025-0994) in KEV Catalog
The Cybersecurity and Infrastructure Security Agency (CISA) announced the addition of a critical vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog. The vulnerability, identified as CV ... Read more
-
The Cyber Express
CERT-In Warns of High-Severity Vulnerabilities in Mozilla Firefox and Thunderbird
The Indian Computer Emergency Response Team (CERT-In) has issued a vulnerability note (CIVN-2025-0016) highlighting a series of Mozilla vulnerability, including Firefox and Thunderbird. These vulnerab ... Read more
-
The Cyber Express
CISA Updates KEV Catalog with High-Severity Vulnerabilities—Patch Now!
The Cybersecurity and Infrastructure Security Agency (CISA) has recently updated its Known Exploited Vulnerabilities (KEV) Catalog by adding several new vulnerabilities that have been actively exploit ... Read more
-
The Cyber Express
Critical Flaws in Contec CMS8000 Allow Remote Code Execution and Patient Data Theft
A new set of critical vulnerabilities has been identified in Contec Health’s CMS8000 Patient Monitor, posing significant cybersecurity and patient safety risks. These vulnerabilities, which have recei ... Read more
-
The Cyber Express
Cybersecurity in 2025: Shadow AI, Deepfakes, and the Next Wave of Threats
As we step into 2025, the cybersecurity landscape is evolving at an unprecedented pace. The frequency of cyberattacks continues to rise, with organizations facing an average of 1,308 attacks per week ... Read more
-
Kaspersky
How to migrate to SASE and zero trust | Kaspersky official blog
The traditional network security model — with a secure perimeter and encrypted channels for external access to that perimeter — is coming apart at the seams. Cloud services and remote working have cha ... Read more
-
The Cyber Express
Cisco Warns of Critical Privilege Escalation Vulnerability in Meeting Management Platform
Cisco has issued a security advisory regarding a critical privilege escalation vulnerability found in Cisco Meeting Management. The vulnerability is tied to the REST API component of the platform, and ... Read more
-
The Cyber Express
Four Critical Ivanti CSA Vulnerabilities Exploited—CISA and FBI Urge Mitigation
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have jointly issued a Cybersecurity Advisory to address the active exploitation of critical vu ... Read more
-
The Cyber Express
Turning Data into Decisions: How CVE Management Is Changing
Every day, hundreds of new Common Vulnerabilities and Exposures (CVEs) are published, many of which target critical systems that keep businesses and governments operational. For cybersecurity professi ... Read more
-
The Cyber Express
Critical Mozilla Vulnerabilities Prompt Urgent Updates for Firefox and Thunderbird Users
Mozilla Firefox and Thunderbird users are facing a series of high-severity vulnerabilities that could leave systems open to exploitation. The Indian Computer Emergency Response Team (CERT-In) issued a ... Read more
-
The Cyber Express
High Severity Vulnerability Discovered in CP Plus Router: Immediate Attention Needed
A security vulnerability has been identified in the CP Plus CP-XR-DE21-S Router, which could potentially expose sensitive user information and compromise system integrity. This CP Plus Router vulnerab ... Read more
-
The Cyber Express
Yubico Warns of 2FA Security Flaw in pam-u2f for Linux and macOS Users
Yubico has released a security advisory, YSA-2025-01, which highlighted a vulnerability within the software module that supports two-factor authentication (2FA) for Linux and macOS platforms. This iss ... Read more
-
The Cyber Express
CISA Launches AI Cybersecurity Playbook to Strengthen Collective Defense
The Cybersecurity and Infrastructure Security Agency (CISA) has unveiled a new tool aimed at strengthening the cybersecurity resilience of AI systems. The AI Cybersecurity Collaboration Playbook, deve ... Read more
-
The Cyber Express
Microsoft January 2025 Patch Tuesday: 8 Zero-Days, 3 Actively Exploited
Microsoft’s Patch Tuesday update for January 2025 patches 159 vulnerabilities, including eight zero-days, three of which are being actively exploited. The Microsoft January 2025 Patch Tuesday release ... Read more
The following table lists the changes that have been made to the
CVE-2024-21893 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
-
Modified Analysis by [email protected]
Nov. 29, 2024
Action Type Old Value New Value Changed CPE Configuration OR *cpe:2.3:a:ivanti:connect_secure:9.0:-:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r2.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r3:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r3.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r3.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r3.3:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r3.5:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r4:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r4.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r5.0:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r6.0:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r10:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r11:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r11.3:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r11.4:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r11.5:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r12:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r12.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r13:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r13.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r14:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r15:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r15.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r16:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r16.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r17:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r17.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r18:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r18.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r18.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r3:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r4:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r4.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r4.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r5:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r6:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r7:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r8:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r8.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r8.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r9:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r9.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:21.9:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:21.12:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.1:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.1:r6:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.2:-:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.2:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.3:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.4:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.4:r2.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.6:-:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.6:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.6:r2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.6:r2.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:neurons_for_zero-trust_access:-:*:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.0:-:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.0:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.0:r2:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.0:r2.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.0:r3:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.0:r3.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.0:r4:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r10:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r11:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r12:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r13:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r13.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r14:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r15:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r16:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r17:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r18:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r18.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r18.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r2:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r3:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r3.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r4:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r4.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r4.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r4.3:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r5:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r6:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r7:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r8:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r8.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r8.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r9:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.1:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.1:r6:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.2:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.2:r3:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.3:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.3:r3:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.4:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.4:r2:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.4:r2.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.5:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.6:r1:*:*:*:*:*:* OR *cpe:2.3:a:ivanti:connect_secure:9.0:-:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r2.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r3:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r3.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r3.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r3.3:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r3.5:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r4:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r4.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r5.0:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r6.0:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r10:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r11:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r11.3:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r11.4:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r11.5:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r12:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r12.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r13:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r13.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r14:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r15:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r15.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r16:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r16.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r17:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r17.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r18:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r18.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r18.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r3:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r4:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r4.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r4.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r5:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r6:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r7:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r8:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r8.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r8.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r9:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r9.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:21.9:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:21.12:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.1:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.1:r6:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.2:-:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.2:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.3:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.4:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.4:r2.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.6:-:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.6:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.6:r2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.6:r2.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.0:-:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.0:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.0:r2:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.0:r2.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.0:r3:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.0:r3.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.0:r4:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r10:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r11:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r12:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r13:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r13.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r14:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r15:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r16:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r17:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r18:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r18.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r18.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r2:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r3:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r3.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r4:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r4.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r4.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r4.3:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r5:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r6:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r7:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r8:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r8.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r8.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r9:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.1:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.1:r6:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.2:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.2:r3:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.3:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.3:r3:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.4:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.4:r2:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.4:r2.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.5:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.6:r1:*:*:*:*:*:* Added CPE Configuration OR *cpe:2.3:a:ivanti:neurons_for_zero-trust_access:-:*:*:*:*:*:*:* *cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.2:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.2:r4:*:*:*:*:*:* *cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.2:r5:*:*:*:*:*:* *cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.3:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.3:r4:*:*:*:*:*:* *cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.4:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.4:r3:*:*:*:*:*:* *cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.5:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.5:r1.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.6:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.6:r1.2:*:*:*:*:*:* -
CVE Modified by af854a3a-2127-422b-91ae-364da2661108
Nov. 21, 2024
Action Type Old Value New Value Added Reference https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US -
Modified Analysis by [email protected]
Aug. 14, 2024
Action Type Old Value New Value -
CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0
Jul. 03, 2024
Action Type Old Value New Value Added CWE CISA-ADP CWE-918 -
CVE Modified by [email protected]
May. 14, 2024
Action Type Old Value New Value -
CVE CISA KEV Update by 9119a7d8-5eab-497f-8521-727c672e3725
Feb. 01, 2024
Action Type Old Value New Value Added Date Added 2024-01-31 Added Required Action Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Added Due Date 2024-02-02 Added Vulnerability Name Ivanti Connect Secure, Policy Secure, and Neurons Server-Side Request Forgery (SSRF) Vulnerability -
Initial Analysis by [email protected]
Jan. 31, 2024
Action Type Old Value New Value Added CVSS V3.1 NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N Changed Reference Type https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US No Types Assigned https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US Vendor Advisory Added CWE NIST CWE-918 Added CPE Configuration OR *cpe:2.3:a:ivanti:connect_secure:9.0:-:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r2.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r3:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r3.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r3.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r3.3:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r3.5:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r4:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r4.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r5.0:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.0:r6.0:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r10:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r11:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r11.3:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r11.4:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r11.5:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r12:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r12.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r13:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r13.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r14:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r15:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r15.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r16:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r16.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r17:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r17.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r18:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r18.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r18.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r3:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r4:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r4.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r4.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r5:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r6:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r7:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r8:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r8.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r8.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r9:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r9.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:21.9:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:21.12:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.1:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.1:r6:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.2:-:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.2:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.3:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.4:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.4:r2.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.6:-:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.6:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.6:r2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.6:r2.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:neurons_for_zero-trust_access:-:*:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.0:-:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.0:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.0:r2:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.0:r2.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.0:r3:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.0:r3.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.0:r4:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r10:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r11:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r12:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r13:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r13.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r14:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r15:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r16:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r17:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r18:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r18.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r18.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r2:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r3:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r3.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r4:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r4.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r4.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r4.3:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r5:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r6:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r7:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r8:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r8.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r8.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r9:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.1:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.1:r6:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.2:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.2:r3:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.3:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.3:r3:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.4:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.4:r2:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.4:r2.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.5:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.6:r1:*:*:*:*:*:* -
CVE Received by [email protected]
Jan. 31, 2024
Action Type Old Value New Value Added Description A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication. Added Reference HackerOne https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US [No types assigned] Added CVSS V3 HackerOne AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
Vulnerability Scoring Details
Base CVSS Score: 8.2
Base CVSS Score: 8.2
Exploit Prediction
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days.
94.32 }} -1.71%
score
0.99941
percentile