Search Results (Refine Search)
- Keyword (text search): cpe:2.3:a:ivanti:connect_secure:9.1:r17.2:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2024-22024 |
An XML external entity or XXE vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x), Ivanti Policy Secure (9.x, 22.x) and ZTA gateways which allows an attacker to access certain restricted resources without authentication. Published: February 12, 2024; 11:15:07 PM -0500 |
V4.0:(not available) V3.1: 8.3 HIGH V2.0:(not available) |
CVE-2023-39340 |
A vulnerability exists on all versions of Ivanti Connect Secure below 22.6R2 where an attacker can send a specific request which may lead to Denial of Service (DoS) of the appliance. Published: December 15, 2023; 9:15:07 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-41719 |
A vulnerability exists on all versions of Ivanti Connect Secure below 22.6R2 where an attacker impersonating an administrator may craft a specific web request which may lead to remote code execution. Published: December 13, 2023; 9:15:12 PM -0500 |
V4.0:(not available) V3.1: 7.2 HIGH V2.0:(not available) |