CVE-2024-21893

high

Description

A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x), Ivanti Policy Secure (9.x, 22.x), and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication.

References

https://www.theregister.com/2024/06/25/cisa_ivanti_chemical_facilities/

https://securityaffairs.com/164905/data-breach/cisa-confirmed-csat-breach.html

https://www.cybersecurity-insiders.com/zcaler-threatlabz-2024-vpn-risk-report/?utm_source=rss&utm_medium=rss&utm_campaign=zcaler-threatlabz-2024-vpn-risk-report

https://securelist.com/vulnerability-report-q1-2024/112554/

https://unit42.paloaltonetworks.com/malware-initiated-scanning-attacks/

https://www.bleepingcomputer.com/news/security/new-ivanti-rce-flaw-may-impact-16-000-exposed-vpn-gateways/

https://cloud.google.com/blog/topics/threat-intelligence/ivanti-post-exploitation-lateral-movement

https://www.bleepingcomputer.com/news/security/magnet-goblin-hackers-use-1-day-flaws-to-drop-custom-linux-malware/

https://securityaffairs.com/160246/hacking/us-cisa-systems-hacked.html

https://research.checkpoint.com/2024/magnet-goblin-targets-publicly-facing-servers-using-1-day-vulnerabilities/

https://www.scmagazine.com/news/ivanti-attacks-linked-to-espionage-group-targeting-defense-contractors

https://www.hivepro.com/threat-advisory/ivanti-gateways-under-attack-by-cybercriminals-patch-now/

https://www.cisa.gov/news-events/news/cisa-us-and-international-partners-warn-ongoing-exploitation-multiple-ivanti-vulnerabilities

https://www.bankinfosecurity.com/chinese-group-runs-highly-persistent-ivanti-0-day-exploits-a-24471?&web_view=true

https://www.mandiant.com/resources/blog/investigating-ivanti-exploitation-persistence

https://www.rapid7.com/blog/post/2024/02/23/metasploit-weekly-wrap-up-02-23-2024/

https://securityaffairs.com/158889/security/ivanti-warns-auth-bypass-flaw.html

https://www.hivepro.com/threat-digest/attacks-vulnerabilities-and-actors-29-january-to-4-february-2024/

https://securityaffairs.com/158677/hacking/ivanti-ssrf-cve-2024-21893-under-attack.html

https://www.hivepro.com/threat-advisory/ivanti-addresses-zero-day-vulnerability-exploited-in-attacks/

https://www.assetnote.io/resources/research/ivantis-pulse-connect-secure-auth-bypass-round-two

https://www.bleepingcomputer.com/news/security/cisa-orders-federal-agencies-to-disconnect-ivanti-vpn-appliances-by-saturday/

https://therecord.media/ivanti-warns-of-two-bugs-as-cisa-issues-alert-about-hackers?&web_view=true

https://www.tenable.com/blog/cve-2023-46805-cve-2024-21887-cve-2024-21888-and-cve-2024-21893-frequently-asked-questions

https://www.bleepingcomputer.com/news/security/ivanti-warns-of-new-connect-secure-zero-day-exploited-in-attacks/

https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US

Details

Source: Mitre, NVD

Published: 2024-01-31

Updated: 2024-07-03

Risk Information

CVSS v2

Base Score: 8.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:P/A:N

Severity: High

CVSS v3

Base Score: 8.2

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

Severity: High