8.8
CVE-2024-21888
- EPSS 64%
- Published 31.01.2024 18:15:47
- Last modified 03.06.2025 19:15:37
- Source support@hackerone.com
- Teams watchlist Login
- Open Login
A privilege escalation vulnerability in web component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows a user to elevate privileges to that of an administrator.
Data is provided by the National Vulnerability Database (NVD)
Ivanti ≫ Connect Secure Version9.0 Update-
Ivanti ≫ Connect Secure Version9.0 Updater1
Ivanti ≫ Connect Secure Version9.0 Updater2
Ivanti ≫ Connect Secure Version9.0 Updater2.1
Ivanti ≫ Connect Secure Version9.0 Updater3
Ivanti ≫ Connect Secure Version9.0 Updater3.1
Ivanti ≫ Connect Secure Version9.0 Updater3.2
Ivanti ≫ Connect Secure Version9.0 Updater3.3
Ivanti ≫ Connect Secure Version9.0 Updater3.5
Ivanti ≫ Connect Secure Version9.0 Updater4
Ivanti ≫ Connect Secure Version9.0 Updater4.1
Ivanti ≫ Connect Secure Version9.0 Updater5.0
Ivanti ≫ Connect Secure Version9.0 Updater6.0
Ivanti ≫ Connect Secure Version9.1 Updater1
Ivanti ≫ Connect Secure Version9.1 Updater10
Ivanti ≫ Connect Secure Version9.1 Updater11
Ivanti ≫ Connect Secure Version9.1 Updater11.3
Ivanti ≫ Connect Secure Version9.1 Updater11.4
Ivanti ≫ Connect Secure Version9.1 Updater11.5
Ivanti ≫ Connect Secure Version9.1 Updater12
Ivanti ≫ Connect Secure Version9.1 Updater12.1
Ivanti ≫ Connect Secure Version9.1 Updater13
Ivanti ≫ Connect Secure Version9.1 Updater13.1
Ivanti ≫ Connect Secure Version9.1 Updater14
Ivanti ≫ Connect Secure Version9.1 Updater15
Ivanti ≫ Connect Secure Version9.1 Updater15.2
Ivanti ≫ Connect Secure Version9.1 Updater16
Ivanti ≫ Connect Secure Version9.1 Updater16.1
Ivanti ≫ Connect Secure Version9.1 Updater17
Ivanti ≫ Connect Secure Version9.1 Updater17.1
Ivanti ≫ Connect Secure Version9.1 Updater18
Ivanti ≫ Connect Secure Version9.1 Updater18.1
Ivanti ≫ Connect Secure Version9.1 Updater18.2
Ivanti ≫ Connect Secure Version9.1 Updater2
Ivanti ≫ Connect Secure Version9.1 Updater3
Ivanti ≫ Connect Secure Version9.1 Updater4
Ivanti ≫ Connect Secure Version9.1 Updater4.1
Ivanti ≫ Connect Secure Version9.1 Updater4.2
Ivanti ≫ Connect Secure Version9.1 Updater4.3
Ivanti ≫ Connect Secure Version9.1 Updater5
Ivanti ≫ Connect Secure Version9.1 Updater6
Ivanti ≫ Connect Secure Version9.1 Updater7
Ivanti ≫ Connect Secure Version9.1 Updater8
Ivanti ≫ Connect Secure Version9.1 Updater8.1
Ivanti ≫ Connect Secure Version9.1 Updater8.2
Ivanti ≫ Connect Secure Version9.1 Updater9
Ivanti ≫ Connect Secure Version9.1 Updater9.1
Ivanti ≫ Connect Secure Version21.9 Updater1
Ivanti ≫ Connect Secure Version21.12 Updater1
Ivanti ≫ Connect Secure Version22.1 Updater1
Ivanti ≫ Connect Secure Version22.1 Updater6
Ivanti ≫ Connect Secure Version22.2 Update-
Ivanti ≫ Connect Secure Version22.2 Updater1
Ivanti ≫ Connect Secure Version22.3 Updater1
Ivanti ≫ Connect Secure Version22.4 Updater1
Ivanti ≫ Connect Secure Version22.4 Updater2.1
Ivanti ≫ Connect Secure Version22.6 Update-
Ivanti ≫ Connect Secure Version22.6 Updater1
Ivanti ≫ Connect Secure Version22.6 Updater2
Ivanti ≫ Connect Secure Version22.6 Updater2.1
Ivanti ≫ Policy Secure Version9.0 Update-
Ivanti ≫ Policy Secure Version9.0 Updater1
Ivanti ≫ Policy Secure Version9.0 Updater2
Ivanti ≫ Policy Secure Version9.0 Updater2.1
Ivanti ≫ Policy Secure Version9.0 Updater3
Ivanti ≫ Policy Secure Version9.0 Updater3.1
Ivanti ≫ Policy Secure Version9.0 Updater4
Ivanti ≫ Policy Secure Version9.1 Update-
Ivanti ≫ Policy Secure Version9.1 Updater1
Ivanti ≫ Policy Secure Version9.1 Updater10
Ivanti ≫ Policy Secure Version9.1 Updater11
Ivanti ≫ Policy Secure Version9.1 Updater12
Ivanti ≫ Policy Secure Version9.1 Updater13
Ivanti ≫ Policy Secure Version9.1 Updater13.1
Ivanti ≫ Policy Secure Version9.1 Updater14
Ivanti ≫ Policy Secure Version9.1 Updater15
Ivanti ≫ Policy Secure Version9.1 Updater16
Ivanti ≫ Policy Secure Version9.1 Updater17
Ivanti ≫ Policy Secure Version9.1 Updater18
Ivanti ≫ Policy Secure Version9.1 Updater18.1
Ivanti ≫ Policy Secure Version9.1 Updater18.2
Ivanti ≫ Policy Secure Version9.1 Updater2
Ivanti ≫ Policy Secure Version9.1 Updater3
Ivanti ≫ Policy Secure Version9.1 Updater3.1
Ivanti ≫ Policy Secure Version9.1 Updater4
Ivanti ≫ Policy Secure Version9.1 Updater4.1
Ivanti ≫ Policy Secure Version9.1 Updater4.2
Ivanti ≫ Policy Secure Version9.1 Updater4.3
Ivanti ≫ Policy Secure Version9.1 Updater5
Ivanti ≫ Policy Secure Version9.1 Updater6
Ivanti ≫ Policy Secure Version9.1 Updater7
Ivanti ≫ Policy Secure Version9.1 Updater8
Ivanti ≫ Policy Secure Version9.1 Updater8.1
Ivanti ≫ Policy Secure Version9.1 Updater8.2
Ivanti ≫ Policy Secure Version9.1 Updater9
Ivanti ≫ Policy Secure Version22.1 Updater1
Ivanti ≫ Policy Secure Version22.1 Updater6
Ivanti ≫ Policy Secure Version22.2 Updater1
Ivanti ≫ Policy Secure Version22.2 Updater3
Ivanti ≫ Policy Secure Version22.3 Updater1
Ivanti ≫ Policy Secure Version22.3 Updater3
Ivanti ≫ Policy Secure Version22.4 Updater1
Ivanti ≫ Policy Secure Version22.4 Updater2
Ivanti ≫ Policy Secure Version22.4 Updater2.1
Ivanti ≫ Policy Secure Version22.5 Updater1
Ivanti ≫ Policy Secure Version22.6 Updater1
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 64% | 0.984 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| support@hackerone.com | 8.8 | 2.8 | 5.9 |
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-269 Improper Privilege Management
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.