Lucene search

CVE-2024-21893

🗓️ 31 Jan 2024 00:00:00Reported by AttackerKBType

Server-side request forgery vulnerability in Ivanti Connect, Policy Secure, and Neurons for ZTA. Allows unauthorized access to restricted resources.

Reporter	Title	Published	Views	Family All 148
0day.today	Ivanti Connect Secure Unauthenticated Remote Code Execution Exploit	21 Feb 202400:00	–	zdt
0day.today	Ivanti Connect Secure Unauthenticated Remote Code Execution Exploit	22 Jan 202400:00	–	zdt
Metasploit	Ivanti Connect Secure Unauthenticated Remote Code Execution	6 Feb 202411:49	–	metasploit
Metasploit	Ivanti Connect Secure Unauthenticated Remote Code Execution	16 Jan 202414:32	–	metasploit
Packet Storm	Ivanti Connect Secure Unauthenticated Remote Code Execution	21 Feb 202400:00	–	packetstorm
Packet Storm	Ivanti Connect Secure Unauthenticated Remote Code Execution	22 Jan 202400:00	–	packetstorm
Wiz blog	Critical Vulnerabilities in Ivanti Exploited in-the-Wild: everything you need to know	6 Feb 202416:06	–	wizblog
Malwarebytes	CISA: Disconnect vulnerable Ivanti products TODAY	2 Feb 202414:18	–	malwarebytes
Malwarebytes	Ivanti urges customers to patch yet another critical vulnerability	9 Feb 202418:13	–	malwarebytes
Malwarebytes	Act now! Ivanti vulnerabilities are being actively exploited	11 Jan 202420:13	–	malwarebytes

Source	Link
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
github	www.github.com/h4x0r-dz/CVE-2024-21893.py
github	www.github.com/Chocapikk/CVE-2024-21893-to-CVE-2024-21887
forums	www.forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure
mandiant	www.mandiant.com/resources/blog/suspected-apt-targets-ivanti-zero-day

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

31 Jan 2024 00:00Current

8.3High risk

Vulners AI Score8.3

CVSS39.1

EPSS0.97369

SSVC