SSRF vulnerability in SAML component of Ivanti Connect/Policy Secure allows access to restricted resources
Reporter | Title | Published | Views | Family All 47 |
---|---|---|---|---|
Prion | Server side request forgery (ssrf) | 31 Jan 202418:15 | – | prion |
Hive Pro Threat Advisories | Attacks, Vulnerabilities and Actors 29 January to 4 February 2024 | 6 Feb 202408:18 | – | hivepro |
Hive Pro Threat Advisories | Ivanti Addresses Zero-Day Vulnerability Exploited in Attacks | 2 Feb 202415:18 | – | hivepro |
Hive Pro Threat Advisories | Ivanti Gateways Under Attack by Cybercriminals Patch Now | 1 Mar 202415:08 | – | hivepro |
Tenable Nessus | Ivanti Policy Secure 9.x / 22.x SSRF-RCE Chain (CVE-2024-21893) | 6 Feb 202400:00 | – | nessus |
Tenable Nessus | Ivanti Connect Secure 9.x / 22.x SSRF-RCE Chain (CVE-2024-21893) | 6 Feb 202400:00 | – | nessus |
Tenable Nessus | Ivanti Connect Secure 9.x / 22.x SSRF (CVE-2024-21893) | 6 Feb 202400:00 | – | nessus |
Tenable Nessus | Ivanti Policy Secure 9.x / 22.x SSRF (CVE-2024-21893) | 6 Feb 202400:00 | – | nessus |
Tenable Nessus | Ivanti Connect Secure 9.x / 22.x Multiple Vulnerabilities | 10 Jan 202400:00 | – | nessus |
Tenable Nessus | Ivanti Policy Secure 9.x / 22.x Multiple Vulnerabilities | 9 Feb 202400:00 | – | nessus |
[
{
"defaultStatus": "unaffected",
"vendor": "Ivanti",
"product": "ICS",
"versions": [
{
"version": "9.1R18",
"status": "affected",
"lessThanOrEqual": "9.1R18",
"versionType": "semver"
},
{
"version": "22.6R2",
"status": "affected",
"lessThanOrEqual": "22.6R2",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"vendor": "Ivanti",
"product": "IPS",
"versions": [
{
"version": "9.1R18",
"status": "affected",
"lessThanOrEqual": "9.1R18",
"versionType": "semver"
},
{
"version": "22.6R1",
"status": "affected",
"lessThanOrEqual": "22.6R1",
"versionType": "semver"
}
]
}
]
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo