Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
attackerkbAttackerKBAKB:6C5EBC66-5F3C-4B4B-8986-07B2301785F5
HistoryFeb 13, 2024 - 12:00 a.m.

CVE-2024-22024

2024-02-1300:00:00
attackerkb.com
57
vulnerability
xxe
saml component
ivanti
unauthorized access
http
post request
base64 decoded
abused
attacker value

8.3 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L

7.1 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

77.8%

JSON

An XML external entity or XXE vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x), Ivanti Policy Secure (9.x, 22.x) and ZTA gateways which allows an attacker to access certain restricted resources without authentication.

Recent assessments:

cbeek-r7 at February 09, 2024 3:26pm UTC reported:

An HTTP POST request towards /dana-na/auth/saml-sso.cgi using the SAMLRequest as the vehicle with a base64 decoded XXE payload works and is already observed being abused in the wild.

Assessed Attacker Value: 3
Assessed Attacker Value: 3Assessed Attacker Value: 5

Related

impervablog 1
cve 1
githubexploit 2
hivepro 1
akamaiblog 1
cvelist 1
prion 1
nuclei 1
malwarebytes 1
thn 3
nessus 2
ics 1
impervablog
impervablog
Imperva defends customers against CVE-2024-22024 in Ivanti products
2024-02-13 22:18:53
cve
cve
CVE-2024-22024
2024-02-13 04:15:07
githubexploit
githubexploit
Exploit for Improper Restriction of XML External Entity Reference in Ivanti Connect Secure
2024-02-10 06:23:44
Exploit for Improper Restriction of XML External Entity Reference in Ivanti Connect Secure
2024-02-09 14:31:56
hivepro
hivepro
Ivanti Addresses Yet Another VPN Flaw Within a Month
2024-02-12 11:47:34
akamaiblog
akamaiblog
Scanning Activity for CVE-2024-22024 (XXE) Vulnerability in Ivanti
2024-02-14 06:00:00
cvelist
cvelist
CVE-2024-22024
2024-02-13 04:07:04
prion
prion
Xxe
2024-02-13 04:15:00
nuclei
nuclei
Ivanti Connect Secure - XXE
2024-02-09 07:59:13
malwarebytes
malwarebytes
Ivanti urges customers to patch yet another critical vulnerability
2024-02-09 18:13:42
thn
thn
Ivanti Pulse Secure Found Using 11-Year-Old Linux Version and Outdated Libraries
2024-02-15 14:20:00
Warning: New Ivanti Auth Bypass Flaw Affects Connect Secure and ZTA Gateways
2024-02-09 03:35:00
Five Eyes Agencies Warn of Active Exploitation of Ivanti Gateway Vulnerabilities
2024-03-01 06:26:00
nessus
nessus
Ivanti Connect Secure 9.x / 22.x Multiple Vulnerabilities
2024-01-10 00:00:00
Ivanti Policy Secure 9.x / 22.x Multiple Vulnerabilities
2024-02-09 00:00:00
ics
ics
Threat Actors Exploit Multiple Vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways
2024-02-29 12:00:00

8.3 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L

7.1 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

77.8%

JSON
Related for AKB:6C5EBC66-5F3C-4B4B-8986-07B2301785F5
impervablog1cve1githubexploit2hivepro1akamaiblog1cvelist1prion1nuclei1malwarebytes1thn3nessus2ics1