CVE Vulnerabilities

CVE-2024-21888

Published: Jan 31, 2024 | Modified: Jan 31, 2024
CVSS 3.x
8.8
HIGH
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

A privilege escalation vulnerability in web component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows a user to elevate privileges to that of an administrator.

Affected Software

Name Vendor Start Version End Version
Connect_secure Ivanti 9.0 9.0
Connect_secure Ivanti 9.0 9.0
Connect_secure Ivanti 9.0 9.0
Connect_secure Ivanti 9.0 9.0
Connect_secure Ivanti 9.0 9.0
Connect_secure Ivanti 9.0 9.0
Connect_secure Ivanti 9.0 9.0
Connect_secure Ivanti 9.0 9.0
Connect_secure Ivanti 9.0 9.0
Connect_secure Ivanti 9.0 9.0
Connect_secure Ivanti 9.0 9.0
Connect_secure Ivanti 9.0 9.0
Connect_secure Ivanti 9.0 9.0
Connect_secure Ivanti 9.1 9.1
Connect_secure Ivanti 9.1 9.1
Connect_secure Ivanti 9.1 9.1
Connect_secure Ivanti 9.1 9.1
Connect_secure Ivanti 9.1 9.1
Connect_secure Ivanti 9.1 9.1
Connect_secure Ivanti 9.1 9.1
Connect_secure Ivanti 9.1 9.1
Connect_secure Ivanti 9.1 9.1
Connect_secure Ivanti 9.1 9.1
Connect_secure Ivanti 9.1 9.1
Connect_secure Ivanti 9.1 9.1
Connect_secure Ivanti 9.1 9.1
Connect_secure Ivanti 9.1 9.1
Connect_secure Ivanti 9.1 9.1
Connect_secure Ivanti 9.1 9.1
Connect_secure Ivanti 9.1 9.1
Connect_secure Ivanti 9.1 9.1
Connect_secure Ivanti 9.1 9.1
Connect_secure Ivanti 9.1 9.1
Connect_secure Ivanti 9.1 9.1
Connect_secure Ivanti 9.1 9.1
Connect_secure Ivanti 9.1 9.1
Connect_secure Ivanti 9.1 9.1
Connect_secure Ivanti 9.1 9.1
Connect_secure Ivanti 9.1 9.1
Connect_secure Ivanti 9.1 9.1
Connect_secure Ivanti 9.1 9.1
Connect_secure Ivanti 9.1 9.1
Connect_secure Ivanti 9.1 9.1
Connect_secure Ivanti 9.1 9.1
Connect_secure Ivanti 9.1 9.1
Connect_secure Ivanti 9.1 9.1
Connect_secure Ivanti 9.1 9.1
Connect_secure Ivanti 21.9 21.9
Connect_secure Ivanti 21.12 21.12
Connect_secure Ivanti 22.1 22.1
Connect_secure Ivanti 22.1 22.1
Connect_secure Ivanti 22.2 22.2
Connect_secure Ivanti 22.2 22.2
Connect_secure Ivanti 22.3 22.3
Connect_secure Ivanti 22.4 22.4
Connect_secure Ivanti 22.4 22.4
Connect_secure Ivanti 22.6 22.6
Connect_secure Ivanti 22.6 22.6
Connect_secure Ivanti 22.6 22.6
Connect_secure Ivanti 22.6 22.6
Policy_secure Ivanti 9.0 9.0
Policy_secure Ivanti 9.0 9.0
Policy_secure Ivanti 9.0 9.0
Policy_secure Ivanti 9.0 9.0
Policy_secure Ivanti 9.0 9.0
Policy_secure Ivanti 9.0 9.0
Policy_secure Ivanti 9.0 9.0
Policy_secure Ivanti 9.1 9.1
Policy_secure Ivanti 9.1 9.1
Policy_secure Ivanti 9.1 9.1
Policy_secure Ivanti 9.1 9.1
Policy_secure Ivanti 9.1 9.1
Policy_secure Ivanti 9.1 9.1
Policy_secure Ivanti 9.1 9.1
Policy_secure Ivanti 9.1 9.1
Policy_secure Ivanti 9.1 9.1
Policy_secure Ivanti 9.1 9.1
Policy_secure Ivanti 9.1 9.1
Policy_secure Ivanti 9.1 9.1
Policy_secure Ivanti 9.1 9.1
Policy_secure Ivanti 9.1 9.1
Policy_secure Ivanti 9.1 9.1
Policy_secure Ivanti 9.1 9.1
Policy_secure Ivanti 9.1 9.1
Policy_secure Ivanti 9.1 9.1
Policy_secure Ivanti 9.1 9.1
Policy_secure Ivanti 9.1 9.1
Policy_secure Ivanti 9.1 9.1
Policy_secure Ivanti 9.1 9.1
Policy_secure Ivanti 9.1 9.1
Policy_secure Ivanti 9.1 9.1
Policy_secure Ivanti 9.1 9.1
Policy_secure Ivanti 9.1 9.1
Policy_secure Ivanti 9.1 9.1
Policy_secure Ivanti 9.1 9.1
Policy_secure Ivanti 22.1 22.1
Policy_secure Ivanti 22.1 22.1
Policy_secure Ivanti 22.2 22.2
Policy_secure Ivanti 22.2 22.2
Policy_secure Ivanti 22.3 22.3
Policy_secure Ivanti 22.3 22.3
Policy_secure Ivanti 22.4 22.4
Policy_secure Ivanti 22.4 22.4
Policy_secure Ivanti 22.4 22.4
Policy_secure Ivanti 22.5 22.5
Policy_secure Ivanti 22.6 22.6

References