CVE-2024-22024 - CERT CVE
ID CVE-2024-22024
Sažetak An XML external entity or XXE vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x), Ivanti Policy Secure (9.x, 22.x) and ZTA gateways which allows an attacker to access certain restricted resources without authentication.
Reference
CVSS
Base: 8.3
Impact: 3.7
Exploitability:3.9
Pristup
VektorSloženostAutentikacija
NETWORK LOW NONE
Impact
PovjerljivostCjelovitostDostupnost
LOW LOW LOW
CVSS vektor CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
Zadnje važnije ažuriranje 13-02-2024 - 15:15
Objavljeno 13-02-2024 - 04:15