Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve9119a7d8-5eab-497f-8521-727c672e3725CVE-2024-1709
HistoryFeb 21, 2024 - 4:15 p.m.

CVE-2024-1709

2024-02-2116:15:50
NVD-CWE-Other
CWE-288
9119a7d8-5eab-497f-8521-727c672e3725
web.nvd.nist.gov
203
In Wild
41
connectwise
screenconnect
23.9.7
authentication bypass
vulnerability
cve-2024-1709
nvd

10 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

7.1 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.945 High

EPSS

Percentile

99.2%

JSON

ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an Alternate Path or Channel

vulnerability, which may allow an attacker direct access to confidential information or

critical systems.

References

Social References

More

Related

githubexploit 2
nuclei 1
cisa_kev 1
rapid7blog 2
prion 2
malwarebytes 1
cve 1
hivepro 2
attackerkb 1
nessus 1
thn 4
trendmicroblog 1
packetstorm 1
ics 1
avleonov 1
githubexploit
githubexploit
Exploit for CVE-2024-1709
2024-02-23 17:26:28
Exploit for CVE-2024-1709
2024-03-22 21:20:19
nuclei
nuclei
ConnectWise ScreenConnect 23.9.7 - Authentication Bypass
2024-02-21 10:41:25
cisa_kev
cisa_kev
ConnectWise ScreenConnect Authentication Bypass Vulnerability
2024-02-22 00:00:00
rapid7blog
rapid7blog
Metasploit Weekly Wrap-Up 03/01/2024
2024-03-01 20:00:49
High-Risk Vulnerabilities in ConnectWise ScreenConnect
2024-02-20 20:03:12
prion
prion
Authentication flaw
2024-02-21 16:15:00
Design/Logic Flaw
2024-02-21 16:15:00
malwarebytes
malwarebytes
Update now! ConnectWise ScreenConnect vulnerability needs your attention
2024-02-23 13:37:20
cve
cve
CVE-2024-27215
2024-02-21 16:15:50
hivepro
hivepro
Critical Vulnerabilities in ScreenConnect Under Active Exploitation
2024-02-23 06:45:12
Attacks, Vulnerabilities and Actors 19 to 25 February 2024
2024-02-27 07:44:12
attackerkb
attackerkb
CVE-2024-1709
2024-02-21 00:00:00
nessus
nessus
ConnectWise ScreenConnect Service < 23.9.8 Multiple Vulnerabilities
2024-02-22 00:00:00
thn
thn
Hackers Exploit ConnectWise ScreenConnect Flaws to Deploy TODDLERSHARK Malware
2024-03-05 16:18:00
Critical Flaws Found in ConnectWise ScreenConnect Software - Patch Now
2024-02-20 10:38:00
FBI Warns U.S. Healthcare Sector of Targeted BlackCat Ransomware Attacks
2024-02-28 13:06:00
trendmicroblog
trendmicroblog
Threat Actor Groups, Including Black Basta, are Exploiting Recent ScreenConnect Vulnerabilities
2024-02-27 00:00:00
packetstorm
packetstorm
ConnectWise ScreenConnect 23.9.7 Unauthenticated Remote Code Execution
2024-02-24 00:00:00
ics
ics
#StopRansomware: Black Basta
2024-05-10 12:00:00
avleonov
avleonov
February 2024: Vulremi, Vuldetta, PT VM Course relaunch, PT TrendVulns digests, Ivanti, Fortinet, MSPT, Linux PW
2024-03-05 18:43:32

10 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

7.1 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.945 High

EPSS

Percentile

99.2%

JSON
Related for CVE-2024-1709
githubexploit2nuclei1cisa_kev1rapid7blog2prion2malwarebytes1cve1hivepro2attackerkb1nessus1thn4trendmicroblog1packetstorm1ics1avleonov1