CVE-2024-21893 - CERT CVE

  1. CVE-2024-21893

ID CVE-2024-21893
Sažetak A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication.
Reference
CVSS
Base: 8.2
Impact: 4.2
Exploitability:3.9
Pristup
VektorSloženostAutentikacija
NETWORK LOW NONE
Impact
PovjerljivostCjelovitostDostupnost
HIGH LOW NONE
CVSS vektor CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
Zadnje važnije ažuriranje 01-02-2024 - 02:00
Objavljeno 31-01-2024 - 18:15