A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to cause a denial of service.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
18 Nov 2024, 15:09
Type | Values Removed | Values Added |
---|---|---|
First Time |
Ivanti connect Secure
Ivanti Ivanti policy Secure |
|
CPE | cpe:2.3:a:ivanti:connect_secure:22.7:r2.1:*:*:*:*:*:* cpe:2.3:a:ivanti:connect_secure:22.7:r1.5:*:*:*:*:*:* cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:* cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:* cpe:2.3:a:ivanti:connect_secure:22.7:r1.2:*:*:*:*:*:* cpe:2.3:a:ivanti:connect_secure:22.7:r1.1:*:*:*:*:*:* cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:* cpe:2.3:a:ivanti:policy_secure:22.7:-:*:*:*:*:*:* cpe:2.3:a:ivanti:policy_secure:22.7:r1.1:*:*:*:*:*:* cpe:2.3:a:ivanti:connect_secure:22.7:-:*:*:*:*:*:* cpe:2.3:a:ivanti:connect_secure:22.7:r2.2:*:*:*:*:*:* cpe:2.3:a:ivanti:connect_secure:22.7:r1.4:*:*:*:*:*:* cpe:2.3:a:ivanti:connect_secure:22.7:r1:*:*:*:*:*:* cpe:2.3:a:ivanti:policy_secure:22.7:r1:*:*:*:*:*:* cpe:2.3:a:ivanti:connect_secure:22.7:r1.3:*:*:*:*:*:* |
|
CWE | CWE-787 | |
References | () https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs - Vendor Advisory |
13 Nov 2024, 17:01
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
12 Nov 2024, 16:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-11-12 16:15
Updated : 2024-11-18 15:09
NVD link : CVE-2024-47909
Mitre link : CVE-2024-47909
CVE.ORG link : CVE-2024-47909
JSON object : View
Products Affected
ivanti
- connect_secure
- policy_secure