Lucene search
K

142 matches found

Ivanti
Ivanti
added 2025/02/11 3:1 p.m.799 views

February Security Advisory Ivanti Connect Secure (ICS),Ivanti Policy Secure (IPS) and Ivanti Secure Access Client (ISAC) (Multiple CVEs)

Summary Ivanti has released updates for Ivanti Connect Secure ICS,Ivanti Policy Secure IPS and Ivanti Secure Access Client ISAC which addresses medium, high and critical severity vulnerabilities. We are not aware of any customers being exploited by these vulnerabilities at the time of disclosure...

9.9CVSS8.2AI score0.03831EPSS
Exploits0
CNNVD
CNNVD
added 2025/02/11 12:0 a.m.8 views

Ivanti Secure Access Client 安全漏洞

Ivanti Secure Access Client is a security software client developed by Ivanti, Inc. to enable remote secure access, supporting enterprise-class VPN connections and encrypted access to resources. Ivanti Secure Access Client suffers from a privilege issue vulnerability that can be exploited by an...

7.1CVSS9.3AI score0.00208EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 11:39 a.m.10 views

CVE-2024-7571

Incorrect permissions in Ivanti Secure Access Client before 22.7R4 allows a local authenticated attacker to escalate their privileges...

7.8CVSS6.6AI score0.00262EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 8:12 a.m.6 views

CVE-2024-29211

A race condition in Ivanti Secure Access Client before version 22.7R4 allows a local authenticated attacker to modify sensitive configuration files...

7.1CVSS6.3AI score0.00296EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 12:43 a.m.7 views

CVE-2024-37398

Insufficient validation in Ivanti Secure Access Client before 22.7R4 allows a local authenticated attacker to escalate their privileges...

7.8CVSS6.6AI score0.00322EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/04 10:36 p.m.7 views

CVE-2024-8539

Improper authorization in Ivanti Secure Access Client before version 22.7R3 allows a local authenticated attacker to modify sensitive configuration files...

7.1CVSS6.3AI score0.00215EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/11/26 12:0 a.m.6 views

The vulnerability of the VPN server in corporate networks of Ivanti Secure Access Client (formerly Pulse Secure Desktop Client) – related to synchronization errors when using a shared resource (“Race Situation”) – allows a hacker to modify confidential configuration files.

The vulnerability of the VPN server for corporate networks of Ivanti Secure Access Client ISAC, previously known as Pulse Secure Desktop Client, on Windows operating systems is related to synchronization errors when using a shared resource. Exploiting this vulnerability could allow an attacker to...

7.1CVSS7.1AI score0.00296EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2024/11/15 12:0 a.m.3 views

Ivanti Secure Access Client Elevation of Privilege Vulnerability

Ivanti Secure Access Client is a security software client developed by Ivanti, Inc. to enable remote secure access, supporting enterprise-class VPN connections and encrypted access to resources. An elevation of privilege vulnerability exists in Ivanti Secure Access Client, which stems from the...

7.8CVSS9AI score0.00262EPSS
Exploits0References1
CNVD
CNVD
added 2024/11/15 12:0 a.m.3 views

Ivanti Secure Access Client Privilege Issue Vulnerability

Ivanti Secure Access Client is a security software client developed by Ivanti, Inc. that is primarily used to enable remote secure access with support for enterprise-class VPN connections and encrypted access to resources. Ivanti Secure Access Client is vulnerable to a privilege issue vulnerabili...

7.3CVSS8.9AI score0.0021EPSS
Exploits0References1
CNVD
CNVD
added 2024/11/15 12:0 a.m.2 views

Ivanti Secure Access Client Improper Authorization Vulnerability

Ivanti Secure Access Client is a security software client developed by Ivanti, Inc. that is primarily used to enable remote secure access with support for enterprise-class VPN connections and encrypted access to resources. Ivanti Secure Access Client suffers from an improper authorization...

7.1CVSS8.8AI score0.00215EPSS
Exploits0References1
NVD
NVD
added 2024/11/13 2:15 a.m.23 views

CVE-2024-37398

Insufficient validation in Ivanti Secure Access Client before 22.7R4 allows a local authenticated attacker to escalate their privileges...

7.8CVSS0.00322EPSS
Exploits0References1
OSV
OSV
added 2024/11/13 2:15 a.m.6 views

CVE-2024-38654

Improper bounds checking in Ivanti Secure Access Client before version 22.7R3 allows a local authenticated attacker with admin privileges to cause a denial of service...

4.4CVSS7.3AI score0.0028EPSS
Exploits0References1
NVD
NVD
added 2024/11/13 2:15 a.m.20 views

CVE-2024-29211

A race condition in Ivanti Secure Access Client before version 22.7R4 allows a local authenticated attacker to modify sensitive configuration files...

7.1CVSS0.00296EPSS
Exploits0References1
CVE
CVE
added 2024/11/13 1:54 a.m.51 views

CVE-2024-37398

CVE-2024-37398 relates to Ivanti Secure Access Client. The issue is caused by insufficient input validation in the client before version 22.7R4, enabling a local authenticated attacker to escalate privileges (local, initial access via the client). The CVE is also observed in related Ivanti produc...

7.8CVSS6.9AI score0.00322EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/11/13 1:54 a.m.20 views

CVE-2024-38654

Improper bounds checking in Ivanti Secure Access Client before version 22.7R3 allows a local authenticated attacker with admin privileges to cause a denial of service...

4.4CVSS0.0028EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/13 1:54 a.m.25 views

CVE-2024-29211

A race condition in Ivanti Secure Access Client before version 22.7R4 allows a local authenticated attacker to modify sensitive configuration files...

7.1CVSS0.00296EPSS
Exploits0References1
CVE
CVE
added 2024/11/13 1:54 a.m.57 views

CVE-2024-38654

CVE-2024-38654 affects Ivanti Secure Access Client prior to version 22.7R3. The issue is due to improper bounds checking (a buffer copy without size validation), which can be exploited by a local authenticated attacker with admin privileges to cause a denial of service. The coordinated remediatio...

4.4CVSS6.7AI score0.0028EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/11/13 1:54 a.m.17 views

CVE-2024-38654

Improper bounds checking in Ivanti Secure Access Client before version 22.7R3 allows a local authenticated attacker with admin privileges to cause a denial of service...

4.4CVSS6.4AI score0.0028EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/13 1:54 a.m.13 views

CVE-2024-37398

Insufficient validation in Ivanti Secure Access Client before 22.7R4 allows a local authenticated attacker to escalate their privileges...

7.8CVSS0.00322EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/13 12:0 a.m.6 views

Ivanti Secure Access Client 竞争条件问题漏洞

Ivanti Secure Access Client is a security software client developed by Ivanti, Inc. that is primarily used to enable remote secure access with support for enterprise-class VPN connections and encrypted access to resources. Ivanti Secure Access Client suffers from a competitive condition...

7.1CVSS9AI score0.00296EPSS
Exploits0References3
Rows per page
Query Builder