An unauthenticated attacker can cause a denial-of-service to the following products: Ivanti Connect Secure (ICS) in versions prior to 9.1R14.3, 9.1R15.2, 9.1R16.2, and 22.2R4, Ivanti Policy Secure (IPS) in versions prior to 9.1R17 and 22.3R1, and Ivanti Neurons for Zero-Trust Access in versions prior to 22.3R1.
Weakness
Wrap around errors occur whenever a value is incremented past the maximum value for its type and therefore “wraps around” to a very small, negative, or undefined value.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Connect_secure | Ivanti | * | 9.1 (excluding) |
| Connect_secure | Ivanti | 9.1 (including) | 9.1 (including) |
| Connect_secure | Ivanti | 9.1-r1 (including) | 9.1-r1 (including) |
| Connect_secure | Ivanti | 9.1-r1.0 (including) | 9.1-r1.0 (including) |
| Connect_secure | Ivanti | 9.1-r10.0 (including) | 9.1-r10.0 (including) |
| Connect_secure | Ivanti | 9.1-r10.2 (including) | 9.1-r10.2 (including) |
| Connect_secure | Ivanti | 9.1-r11.0 (including) | 9.1-r11.0 (including) |
| Connect_secure | Ivanti | 9.1-r11.1 (including) | 9.1-r11.1 (including) |
| Connect_secure | Ivanti | 9.1-r11.3 (including) | 9.1-r11.3 (including) |
| Connect_secure | Ivanti | 9.1-r11.4 (including) | 9.1-r11.4 (including) |
| Connect_secure | Ivanti | 9.1-r11.5 (including) | 9.1-r11.5 (including) |
| Connect_secure | Ivanti | 9.1-r12 (including) | 9.1-r12 (including) |
| Connect_secure | Ivanti | 9.1-r12.1 (including) | 9.1-r12.1 (including) |
| Connect_secure | Ivanti | 9.1-r12.2 (including) | 9.1-r12.2 (including) |
| Connect_secure | Ivanti | 9.1-r13 (including) | 9.1-r13 (including) |
| Connect_secure | Ivanti | 9.1-r13.1 (including) | 9.1-r13.1 (including) |
| Connect_secure | Ivanti | 9.1-r14 (including) | 9.1-r14 (including) |
| Connect_secure | Ivanti | 9.1-r15 (including) | 9.1-r15 (including) |
| Connect_secure | Ivanti | 9.1-r16 (including) | 9.1-r16 (including) |
| Connect_secure | Ivanti | 9.1-r16.1 (including) | 9.1-r16.1 (including) |
| Connect_secure | Ivanti | 9.1-r2 (including) | 9.1-r2 (including) |
| Connect_secure | Ivanti | 9.1-r2.0 (including) | 9.1-r2.0 (including) |
| Connect_secure | Ivanti | 9.1-r3 (including) | 9.1-r3 (including) |
| Connect_secure | Ivanti | 9.1-r3.0 (including) | 9.1-r3.0 (including) |
| Connect_secure | Ivanti | 9.1-r4 (including) | 9.1-r4 (including) |
| Connect_secure | Ivanti | 9.1-r4.0 (including) | 9.1-r4.0 (including) |
| Connect_secure | Ivanti | 9.1-r4.1 (including) | 9.1-r4.1 (including) |
| Connect_secure | Ivanti | 9.1-r4.2 (including) | 9.1-r4.2 (including) |
| Connect_secure | Ivanti | 9.1-r4.3 (including) | 9.1-r4.3 (including) |
| Connect_secure | Ivanti | 9.1-r5 (including) | 9.1-r5 (including) |
| Connect_secure | Ivanti | 9.1-r5.0 (including) | 9.1-r5.0 (including) |
| Connect_secure | Ivanti | 9.1-r6 (including) | 9.1-r6 (including) |
| Connect_secure | Ivanti | 9.1-r6.0 (including) | 9.1-r6.0 (including) |
| Connect_secure | Ivanti | 9.1-r7 (including) | 9.1-r7 (including) |
| Connect_secure | Ivanti | 9.1-r7.0 (including) | 9.1-r7.0 (including) |
| Connect_secure | Ivanti | 9.1-r8 (including) | 9.1-r8 (including) |
| Connect_secure | Ivanti | 9.1-r8.0 (including) | 9.1-r8.0 (including) |
| Connect_secure | Ivanti | 9.1-r8.1 (including) | 9.1-r8.1 (including) |
| Connect_secure | Ivanti | 9.1-r8.2 (including) | 9.1-r8.2 (including) |
| Connect_secure | Ivanti | 9.1-r8.4 (including) | 9.1-r8.4 (including) |
| Connect_secure | Ivanti | 9.1-r9 (including) | 9.1-r9 (including) |
| Connect_secure | Ivanti | 9.1-r9.0 (including) | 9.1-r9.0 (including) |
| Connect_secure | Ivanti | 9.1-r9.1 (including) | 9.1-r9.1 (including) |
| Connect_secure | Ivanti | 9.1-r9.2 (including) | 9.1-r9.2 (including) |
| Connect_secure | Ivanti | 21.9-r1 (including) | 21.9-r1 (including) |
| Connect_secure | Ivanti | 21.12-r1 (including) | 21.12-r1 (including) |
| Connect_secure | Ivanti | 22.1-r1 (including) | 22.1-r1 (including) |
| Connect_secure | Ivanti | 22.2 (including) | 22.2 (including) |
| Connect_secure | Ivanti | 22.2-r1 (including) | 22.2-r1 (including) |
| Neurons_for_zero-trust_access | Ivanti | 22.2-r1 (including) | 22.2-r1 (including) |
| Policy_secure | Ivanti | * | 9.1 (excluding) |
| Policy_secure | Ivanti | 9.1 (including) | 9.1 (including) |
| Policy_secure | Ivanti | 9.1-r1 (including) | 9.1-r1 (including) |
| Policy_secure | Ivanti | 9.1-r10 (including) | 9.1-r10 (including) |
| Policy_secure | Ivanti | 9.1-r11 (including) | 9.1-r11 (including) |
| Policy_secure | Ivanti | 9.1-r12 (including) | 9.1-r12 (including) |
| Policy_secure | Ivanti | 9.1-r13 (including) | 9.1-r13 (including) |
| Policy_secure | Ivanti | 9.1-r13.1 (including) | 9.1-r13.1 (including) |
| Policy_secure | Ivanti | 9.1-r14 (including) | 9.1-r14 (including) |
| Policy_secure | Ivanti | 9.1-r15 (including) | 9.1-r15 (including) |
| Policy_secure | Ivanti | 9.1-r16 (including) | 9.1-r16 (including) |
| Policy_secure | Ivanti | 9.1-r2 (including) | 9.1-r2 (including) |
| Policy_secure | Ivanti | 9.1-r3 (including) | 9.1-r3 (including) |
| Policy_secure | Ivanti | 9.1-r3.1 (including) | 9.1-r3.1 (including) |
| Policy_secure | Ivanti | 9.1-r4 (including) | 9.1-r4 (including) |
| Policy_secure | Ivanti | 9.1-r4.1 (including) | 9.1-r4.1 (including) |
| Policy_secure | Ivanti | 9.1-r4.2 (including) | 9.1-r4.2 (including) |
| Policy_secure | Ivanti | 9.1-r5 (including) | 9.1-r5 (including) |
| Policy_secure | Ivanti | 9.1-r6 (including) | 9.1-r6 (including) |
| Policy_secure | Ivanti | 9.1-r7 (including) | 9.1-r7 (including) |
| Policy_secure | Ivanti | 9.1-r8 (including) | 9.1-r8 (including) |
| Policy_secure | Ivanti | 9.1-r8.1 (including) | 9.1-r8.1 (including) |
| Policy_secure | Ivanti | 9.1-r8.2 (including) | 9.1-r8.2 (including) |
| Policy_secure | Ivanti | 9.1-r9 (including) | 9.1-r9 (including) |
| Policy_secure | Ivanti | 22.1-r1 (including) | 22.1-r1 (including) |
| Policy_secure | Ivanti | 22.2-r1 (including) | 22.2-r1 (including) |