Lucene search
IvantiCVE-2024-7569HistoryAug 13, 2024 - 7:15 p.m.
CVE-2024-7569
2024-08-1319:15:16
CWE-215
CWE-922
ivanti
web.nvd.nist.gov
23
ivanti itsm
neurons
information disclosure
vulnerability
oidc client secret
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
6.6
Confidence
Low
EPSS
0.001
Percentile
39.7%
An information disclosure vulnerability in Ivanti ITSM on-prem and Neurons for ITSM versions 2023.4 and earlier allows an unauthenticated attacker to obtain the OIDC client secret via debug information.
Affected configurations
Node
ivantineurons_for_itsmMatch2023.2
ORivantineurons_for_itsmMatch2023.3
ORivantineurons_for_itsmMatch2023.4
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ivanti | neurons_for_itsm | 2023.2 | cpe:2.3:a:ivanti:neurons_for_itsm:2023.2:*:*:*:*:*:*:* |
| ivanti | neurons_for_itsm | 2023.3 | cpe:2.3:a:ivanti:neurons_for_itsm:2023.3:*:*:*:*:*:*:* |
| ivanti | neurons_for_itsm | 2023.4 | cpe:2.3:a:ivanti:neurons_for_itsm:2023.4:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "affected",
"product": "ITSM",
"vendor": "Ivanti",
"versions": [
{
"status": "affected",
"version": "2023.4"
},
{
"status": "unaffected",
"version": "2023.4.0"
}
]
}
]Related
cvelist
cvelist
CVE-2024-7569
2024-08-13 18:10:55
vulnrichment
vulnrichment
CVE-2024-7569
2024-08-13 18:10:55
nvd
nvd
CVE-2024-7569
2024-08-13 19:15:16
thn
thn
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
6.6
Confidence
Low
EPSS
0.001
Percentile
39.7%
Related for CVE-2024-7569