CVE-2024-37404
8.8
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 2.8 / Impact: 5.9
Source: NVD
Description
Improper Input Validation in the admin portal of Ivanti Connect Secure before 22.7R2.1 and 9.1R18.9, or Ivanti Policy Secure before 22.7R1.1 allows a remote authenticated attacker to achieve remote code execution.
Affected (59)
Products: Ivanti: Connect Secure, Policy Secure
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Before 9.1 | |
| Before 22.7 |
References (1)
Source: support@hackerone.com
PatchVendor Advisory
Timeline
No history available yet.