Web Application SecurityIvanti.Connect.Secure.Policy.Secure.Authentication.Bypass
Description
This indicates an attack attempt to exploit a Authentication Bypass Vulnerability in Ivanti Connect Secure and Ivanti Policy Secure Gateways.
The vulnerability is due to insufficient validation of user input. A remote, unauthenticated attacker could exploit this vulnerability by sending a malicious request to the target gateway. Successfully exploiting this vulnerability could result in the execution of arbitrary commands.
Affected Products
Ivanti Connect Secure prior to 9.1R14x
Ivanti Connect Secure prior to 9.1R15x
Ivanti Connect Secure prior to 9.1R16x
Ivanti Connect Secure prior to 9.1R17x
Ivanti Connect Secure prior to 9.1R18x
Ivanti Connect Secure prior to 22.1R6x
Ivanti Connect Secure prior to 22.2R4x
Ivanti Connect Secure prior to 22.3R1x
Ivanti Connect Secure prior to 22.4R1x
Ivanti Connect Secure prior to 22.4R2x
Ivanti Connect Secure prior to 22.5R1x
Ivanti Connect Secure prior to 22.5R2x
Ivanti Connect Secure prior to 22.6R1x
Ivanti Connect Secure prior to 22.6R2x
ZTA prior to 22.5R1x
ZTA prior to 22.6R1x
Ivanti Policy Secure prior to 9.1R18x
Ivanti Policy Secure prior to 22.5R1x
Ivanti Policy Secure prior to 9.1R17x
Ivanti Policy Secure prior to 22.4R1x
Ivanti Policy Secure prior to 22.6R1x
Ivanti Policy Secure prior to 9.1R16x
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2024-01-31 | 0.00368 |
| ID | 1090501993 |
| Created | Jan 31, 2024 |
| Updated | Jan 31, 2024 |
| Risk |
|
| Default Action | pass |
| Active | |
| Affected OS | Windows |
| Affected App | Other |
| Engine Version | 5.0.0 or later |