URL:
https://forums.ivanti.com/s/article/CVE-2024-22024-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US
Submission: On February 12 via api from IN — Scanned from DE
CVE-2024-22024 (XXE) for Ivanti Connect Secure and Ivanti Policy Secure

Created Date: Feb 8, 2024 6:54:22 PM
Last Modified Date: Feb 9, 2024 6:53:50 PM

Executive Summary:

As part of the ongoing investigation, we discovered a new vulnerability during our internal review and testing of our code; it was also responsibly disclosed by watchTowr.

This vulnerability affects only a limited number of supported versions:
- Ivanti Connect Secure versions 9.1R14.4, 9.1R17.2, 9.1R18.3, 22.4R2.2, 22.5R1.1 and 22.5R2.2
- Ivanti Policy Secure version 22.5R1.1
- ZTA version 22.6R1.3

A patch is available now for:
- Ivanti Connect Secure versions 9.1R14.5, 9.1R17.3, 9.1R18.4, 22.4R2.3, 22.5R1.2, 22.5R2.3 and 22.6R2.2
- Ivanti Policy Secure versions 9.1R17.3, 9.1R18.4 and 22.5R1.2
- ZTA gateways versions 22.5R1.6, 22.6R1.5 and 22.6R1.7

The mitigation provided on 31 January is effective at blocking the vulnerable endpoint and is available now via the standard download portal. Customers who applied the patch released on 31 January or 1 February and completed a factory reset of their appliance do not need to factory reset their appliances again.

We have no evidence of CVE-2024-22024 being exploited in the wild, and no evidence of any customer being exploited through it; the vulnerability was found during our internal review and testing of our code. It is nonetheless critical that you take action immediately to ensure you are fully protected.
The table below provides details on the vulnerability:

CVE: CVE-2024-22024
Description: An XML external entity (XXE) vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x), Ivanti Policy Secure (9.x, 22.x) and ZTA gateways allows an attacker to access certain restricted resources without authentication.
CVSS: 8.3
Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L

Customers can read this KB article for detailed instructions on how to apply the mitigation and how to apply the patch as each version becomes available. Please ensure you are following the KB article to receive updates. If you have questions or require further support, please log a case and/or request a call in the Success Portal.

Refer to KB43892 – What releases will Pulse Secure apply fixes to resolve security vulnerabilities for our End of Engineering (EOE) and End of Life (EOL) policies.

Article Number: 000090576
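The vector above (PR:N, no user interaction) and the description (access to restricted resources without authentication) describe the classic outcome of an XXE in a SAML endpoint: the XML parser that handles an unauthenticated SAML message resolves an external entity declared in an attacker-supplied DOCTYPE, and the content of a server-side file ends up in the parsed document. The Python example below is added here to show that bug class only. It is not Ivanti code and says nothing about how the Ivanti SAML component is implemented; the SAML-style Response, the "secret" file and the parser settings are all constructed for the demonstration. It uses the standard library's xml.sax, whose `feature_external_ges` flag is the weak setting (off by default in current Python, turned on here to reproduce the bug), beside a hardened parser that refuses any DOCTYPE and never fetches an entity.

```python
"""Added illustration of the XXE bug class: a SAML-style Response parsed with
external general entities enabled leaks a server-side file, while a hardened
parser refuses the DOCTYPE that carries the entity declaration.
Not Ivanti code; the document and the "secret" file are constructed here."""
import io
import os
import tempfile
import xml.sax
from xml.sax.handler import (ContentHandler, EntityResolver,
                             feature_external_ges, property_lexical_handler)


class NameIdCollector(ContentHandler):
    """Collect the text of <saml:NameID>, the subject a relying party trusts."""

    def __init__(self):
        super().__init__()
        self._inside = False
        self.name_id = ""

    def startElement(self, name, attrs):
        if name == "saml:NameID":
            self._inside = True

    def endElement(self, name):
        if name == "saml:NameID":
            self._inside = False

    def characters(self, content):
        if self._inside:
            self.name_id += content  # text expanded from an external entity lands here too


class RejectDoctype:
    """Lexical handler: a SAML message never needs a DTD, so refuse any DOCTYPE."""

    def comment(self, content):
        pass

    def startCDATA(self):
        pass

    def endCDATA(self):
        pass

    def startDTD(self, name, public_id, system_id):
        raise ValueError("DOCTYPE declarations are not allowed in SAML messages")

    def endDTD(self):
        pass


class RefuseExternalEntities(EntityResolver):
    """Defence in depth: never fetch anything, even if entity expansion is reached."""

    def resolveEntity(self, public_id, system_id):
        raise ValueError("external entity %r refused" % system_id)


def extract_name_id(xml_bytes: bytes, hardened: bool) -> str:
    """Parse a Response and return the NameID text (or raise, when hardened)."""
    parser = xml.sax.make_parser()
    collector = NameIdCollector()
    parser.setContentHandler(collector)
    if hardened:
        parser.setFeature(feature_external_ges, False)
        parser.setProperty(property_lexical_handler, RejectDoctype())
        parser.setEntityResolver(RefuseExternalEntities())
    else:
        # Weak setting: resolve external general entities (a file or URL named
        # in the DTD). Python's xml.sax disables this by default; other parsers
        # and products do not, which is the configuration XXE relies on.
        parser.setFeature(feature_external_ges, True)
    parser.parse(io.BytesIO(xml_bytes))
    return collector.name_id


def saml_response(doctype: bytes, name_id: bytes) -> bytes:
    """Constructed minimal SAML 2.0 Response; signature elements omitted."""
    return (b'<?xml version="1.0" encoding="UTF-8"?>\n' + doctype +
            b'<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"\n'
            b'  xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_r1" Version="2.0">\n'
            b'  <saml:Assertion ID="_a1" Version="2.0">\n'
            b'    <saml:Subject><saml:NameID>' + name_id + b'</saml:NameID></saml:Subject>\n'
            b'  </saml:Assertion>\n'
            b'</samlp:Response>\n')


def demo() -> dict:
    """Run both parsers over a benign and an XXE Response; return what each saw."""
    with tempfile.NamedTemporaryFile("w", suffix=".txt", delete=False) as f:
        f.write("hunter2-session-signing-key")  # constructed stand-in for a restricted file
        secret_path = f.name
    try:
        benign = saml_response(b"", b"alice@example.test")
        doctype = (b'<!DOCTYPE samlp:Response [<!ENTITY xxe SYSTEM "' +
                   secret_path.encode() + b'">]>\n')
        malicious = saml_response(doctype, b"&xxe;")
        results = {}
        for label, doc in (("benign", benign), ("malicious", malicious)):
            results["naive_" + label] = extract_name_id(doc, hardened=False)
            try:
                results["hardened_" + label] = extract_name_id(doc, hardened=True)
            except ValueError as exc:
                results["hardened_" + label] = "rejected: " + str(exc)
        return results
    finally:
        os.unlink(secret_path)


if __name__ == "__main__":
    for key, value in demo().items():
        print("%-19s %s" % (key, value))
```

The naive parser returns the file content as the NameID of the malicious Response, which is the "access to restricted resources without authentication" the advisory describes, while the hardened parser refuses the document before any entity is declared. For the affected appliances the fix is Ivanti's patch or the 31 January mitigation, not local parser changes; the example only shows what the bug class looks like from the parser's side.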