URL: https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Conne...
CVE-2023-46805 (Authentication Bypass) & CVE-2024-21887 (Command Injection) for
Ivanti Connect Secure and Ivanti Policy Secure Gateways
Created Date
Jan 10, 2024 5:48:05 PM
Last Modified Date
Jan 10, 2024 8:31:50 PM

DESCRIPTION:

Vulnerabilities have been discovered in Ivanti Connect Secure (ICS), formerly
known as Pulse Connect Secure, and in Ivanti Policy Secure gateways. These
vulnerabilities impact all supported versions – Version 9.x and 22.x (refer
to Granular Software Release EOL Timelines and Support Matrix for supported
versions).
Refer to KB43892 – What releases will Pulse Secure apply fixes to resolve
security vulnerabilities – for our End of Engineering (EOE) and End of Life
(EOL) policies.
If CVE-2024-21887 is used in conjunction with CVE-2023-46805, exploitation does
not require authentication and enables a threat actor to craft malicious
requests and execute arbitrary commands on the system.

The table below provides details of the vulnerabilities:

CVE:         CVE-2023-46805
Description: An authentication bypass vulnerability in the web component of
             Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote
             attacker to access restricted resources by bypassing control
             checks.
CVSS:        8.2
Vector:      AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

CVE:         CVE-2024-21887
Description: A command injection vulnerability in web components of Ivanti
             Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an
             authenticated administrator to send specially crafted requests
             and execute arbitrary commands on the appliance.
CVSS:        9.1
Vector:      AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H


The Ivanti Neurons for ZTA gateways cannot be exploited when in production. If a
gateway for this solution is generated and left unconnected to a ZTA controller,
then there is a risk of exploitation on that generated gateway. Ivanti Neurons
for Secure Access is not vulnerable to these CVEs; however, the gateways it
manages are independently vulnerable to these CVEs.

Upon learning of the vulnerability, we immediately mobilized resources and
mitigation is available now. Patches will be released in a staggered schedule
with the first version targeted to be available to customers the week of 22
January and the final version targeted to be available the week of 19 February.
We are providing mitigation now while the patch is in development to prioritize
the best interest of our customers.
It is critical that you immediately take action to ensure you are fully
protected.

Customers can read the linked KB Article for detailed instructions on how to
apply the mitigation. Please ensure you are following this article to receive
updates. If you have questions or require further support, please log a case
and/or request a call in the Success Portal.


Ivanti thanks Volexity for their assistance in identifying and reporting the
issue in Ivanti Connect Secure, Ivanti Policy Secure and ZTA gateways, and
Mandiant for their continued partnership.
Article Number :
000090122
Article Promotion Level
Normal