CVE-2024-21893
- CVSS base score 8.2
- EPSS 94.32%
- Published 31.01.2024 18:15:47
- Last modified 29.11.2024 15:16:27
- Source support@hackerone.com
A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication.
Data is provided by the National Vulnerability Database (NVD)
Ivanti ≫ Connect Secure Version 9.0 Update -
Ivanti ≫ Connect Secure Version 9.0 Update r1
Ivanti ≫ Connect Secure Version 9.0 Update r2
Ivanti ≫ Connect Secure Version 9.0 Update r2.1
Ivanti ≫ Connect Secure Version 9.0 Update r3
Ivanti ≫ Connect Secure Version 9.0 Update r3.1
Ivanti ≫ Connect Secure Version 9.0 Update r3.2
Ivanti ≫ Connect Secure Version 9.0 Update r3.3
Ivanti ≫ Connect Secure Version 9.0 Update r3.5
Ivanti ≫ Connect Secure Version 9.0 Update r4
Ivanti ≫ Connect Secure Version 9.0 Update r4.1
Ivanti ≫ Connect Secure Version 9.0 Update r5.0
Ivanti ≫ Connect Secure Version 9.0 Update r6.0
Ivanti ≫ Connect Secure Version 9.1 Update r1
Ivanti ≫ Connect Secure Version 9.1 Update r10
Ivanti ≫ Connect Secure Version 9.1 Update r11
Ivanti ≫ Connect Secure Version 9.1 Update r11.3
Ivanti ≫ Connect Secure Version 9.1 Update r11.4
Ivanti ≫ Connect Secure Version 9.1 Update r11.5
Ivanti ≫ Connect Secure Version 9.1 Update r12
Ivanti ≫ Connect Secure Version 9.1 Update r12.1
Ivanti ≫ Connect Secure Version 9.1 Update r13
Ivanti ≫ Connect Secure Version 9.1 Update r13.1
Ivanti ≫ Connect Secure Version 9.1 Update r14
Ivanti ≫ Connect Secure Version 9.1 Update r15
Ivanti ≫ Connect Secure Version 9.1 Update r15.2
Ivanti ≫ Connect Secure Version 9.1 Update r16
Ivanti ≫ Connect Secure Version 9.1 Update r16.1
Ivanti ≫ Connect Secure Version 9.1 Update r17
Ivanti ≫ Connect Secure Version 9.1 Update r17.1
Ivanti ≫ Connect Secure Version 9.1 Update r18
Ivanti ≫ Connect Secure Version 9.1 Update r18.1
Ivanti ≫ Connect Secure Version 9.1 Update r18.2
Ivanti ≫ Connect Secure Version 9.1 Update r2
Ivanti ≫ Connect Secure Version 9.1 Update r3
Ivanti ≫ Connect Secure Version 9.1 Update r4
Ivanti ≫ Connect Secure Version 9.1 Update r4.1
Ivanti ≫ Connect Secure Version 9.1 Update r4.2
Ivanti ≫ Connect Secure Version 9.1 Update r4.3
Ivanti ≫ Connect Secure Version 9.1 Update r5
Ivanti ≫ Connect Secure Version 9.1 Update r6
Ivanti ≫ Connect Secure Version 9.1 Update r7
Ivanti ≫ Connect Secure Version 9.1 Update r8
Ivanti ≫ Connect Secure Version 9.1 Update r8.1
Ivanti ≫ Connect Secure Version 9.1 Update r8.2
Ivanti ≫ Connect Secure Version 9.1 Update r9
Ivanti ≫ Connect Secure Version 9.1 Update r9.1
Ivanti ≫ Connect Secure Version 21.9 Update r1
Ivanti ≫ Connect Secure Version 21.12 Update r1
Ivanti ≫ Connect Secure Version 22.1 Update r1
Ivanti ≫ Connect Secure Version 22.1 Update r6
Ivanti ≫ Connect Secure Version 22.2 Update -
Ivanti ≫ Connect Secure Version 22.2 Update r1
Ivanti ≫ Connect Secure Version 22.3 Update r1
Ivanti ≫ Connect Secure Version 22.4 Update r1
Ivanti ≫ Connect Secure Version 22.4 Update r2.1
Ivanti ≫ Connect Secure Version 22.6 Update -
Ivanti ≫ Connect Secure Version 22.6 Update r1
Ivanti ≫ Connect Secure Version 22.6 Update r2
Ivanti ≫ Connect Secure Version 22.6 Update r2.1
Ivanti ≫ Policy Secure Version 9.0 Update -
Ivanti ≫ Policy Secure Version 9.0 Update r1
Ivanti ≫ Policy Secure Version 9.0 Update r2
Ivanti ≫ Policy Secure Version 9.0 Update r2.1
Ivanti ≫ Policy Secure Version 9.0 Update r3
Ivanti ≫ Policy Secure Version 9.0 Update r3.1
Ivanti ≫ Policy Secure Version 9.0 Update r4
Ivanti ≫ Policy Secure Version 9.1 Update -
Ivanti ≫ Policy Secure Version 9.1 Update r1
Ivanti ≫ Policy Secure Version 9.1 Update r10
Ivanti ≫ Policy Secure Version 9.1 Update r11
Ivanti ≫ Policy Secure Version 9.1 Update r12
Ivanti ≫ Policy Secure Version 9.1 Update r13
Ivanti ≫ Policy Secure Version 9.1 Update r13.1
Ivanti ≫ Policy Secure Version 9.1 Update r14
Ivanti ≫ Policy Secure Version 9.1 Update r15
Ivanti ≫ Policy Secure Version 9.1 Update r16
Ivanti ≫ Policy Secure Version 9.1 Update r17
Ivanti ≫ Policy Secure Version 9.1 Update r18
Ivanti ≫ Policy Secure Version 9.1 Update r18.1
Ivanti ≫ Policy Secure Version 9.1 Update r18.2
Ivanti ≫ Policy Secure Version 9.1 Update r2
Ivanti ≫ Policy Secure Version 9.1 Update r3
Ivanti ≫ Policy Secure Version 9.1 Update r3.1
Ivanti ≫ Policy Secure Version 9.1 Update r4
Ivanti ≫ Policy Secure Version 9.1 Update r4.1
Ivanti ≫ Policy Secure Version 9.1 Update r4.2
Ivanti ≫ Policy Secure Version 9.1 Update r4.3
Ivanti ≫ Policy Secure Version 9.1 Update r5
Ivanti ≫ Policy Secure Version 9.1 Update r6
Ivanti ≫ Policy Secure Version 9.1 Update r7
Ivanti ≫ Policy Secure Version 9.1 Update r8
Ivanti ≫ Policy Secure Version 9.1 Update r8.1
Ivanti ≫ Policy Secure Version 9.1 Update r8.2
Ivanti ≫ Policy Secure Version 9.1 Update r9
Ivanti ≫ Policy Secure Version 22.1 Update r1
Ivanti ≫ Policy Secure Version 22.1 Update r6
Ivanti ≫ Policy Secure Version 22.2 Update r1
Ivanti ≫ Policy Secure Version 22.2 Update r3
Ivanti ≫ Policy Secure Version 22.3 Update r1
Ivanti ≫ Policy Secure Version 22.3 Update r3
Ivanti ≫ Policy Secure Version 22.4 Update r1
Ivanti ≫ Policy Secure Version 22.4 Update r2
Ivanti ≫ Policy Secure Version 22.4 Update r2.1
Ivanti ≫ Policy Secure Version 22.5 Update r1
Ivanti ≫ Policy Secure Version 22.6 Update r1
Ivanti ≫ Neurons For Zero-trust Access Version -
Ivanti ≫ Neurons For Zero-trust Access Version 22.2 Update r1
Ivanti ≫ Neurons For Zero-trust Access Version 22.2 Update r4
Ivanti ≫ Neurons For Zero-trust Access Version 22.2 Update r5
Ivanti ≫ Neurons For Zero-trust Access Version 22.3 Update r1
Ivanti ≫ Neurons For Zero-trust Access Version 22.3 Update r4
Ivanti ≫ Neurons For Zero-trust Access Version 22.4 Update r1
Ivanti ≫ Neurons For Zero-trust Access Version 22.4 Update r3
Ivanti ≫ Neurons For Zero-trust Access Version 22.5 Update r1
Ivanti ≫ Neurons For Zero-trust Access Version 22.5 Update r1.2
Ivanti ≫ Neurons For Zero-trust Access Version 22.6 Update r1
Ivanti ≫ Neurons For Zero-trust Access Version 22.6 Update r1.2
31.01.2024: CISA Known Exploited Vulnerabilities (KEV) Catalog
Vulnerability: Ivanti Connect Secure, Policy Secure, and Neurons Server-Side Request Forgery (SSRF) Vulnerability
Description: Ivanti Connect Secure (ICS, formerly known as Pulse Connect Secure), Ivanti Policy Secure, and Ivanti Neurons contain a server-side request forgery (SSRF) vulnerability in the SAML component that allows an attacker to access certain restricted resources without authentication.
Required actions: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Type | Source | Score | Percentile |
---|---|---|---|
EPSS | FIRST.org | 94.32% | 0.999 |

Source | Base Score | Exploit Score | Impact Score | Vector string |
---|---|---|---|---|
nvd@nist.gov | 8.2 | 3.9 | 4.2 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N |
support@hackerone.com | 8.2 | 3.9 | 4.2 | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N |

CWE-918 Server-Side Request Forgery (SSRF)
The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.