// For flags

CVE-2024-22053

 

Severity Score

8.2
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

Attend
*SSVC
Descriptions

A heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x
22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack or in certain conditions read contents from memory.

Una vulnerabilidad de desbordamiento de montón en el componente IPSec de Ivanti Connect Secure (9.x 22.x) e Ivanti Policy Secure permite que un usuario malintencionado no autenticado envíe solicitudes especialmente manipuladas para bloquear el servicio, provocando así un ataque DoS o en determinadas condiciones. leer contenidos de la memoria.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
High
* Common Vulnerability Scoring System
SSVC
  • Decision:Attend
Exploitation
None
Automatable
Yes
Tech. Impact
Total
* Organization's Worst-case Scenario
Timeline
  • 2024-01-05 CVE Reserved
  • 2024-04-04 CVE Published
  • 2024-04-21 EPSS Updated
  • 2024-10-03 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-703: Improper Check or Handling of Exceptional Conditions
  • CWE-787: Out-of-bounds Write
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Ivanti
Search vendor "Ivanti"
Connect Secure
Search vendor "Ivanti" for product "Connect Secure"
9.1
Search vendor "Ivanti" for product "Connect Secure" and version "9.1"
r1
Affected
Ivanti
Search vendor "Ivanti"
Connect Secure
Search vendor "Ivanti" for product "Connect Secure"
9.1
Search vendor "Ivanti" for product "Connect Secure" and version "9.1"
r10
Affected
Ivanti
Search vendor "Ivanti"
Connect Secure
Search vendor "Ivanti" for product "Connect Secure"
9.1
Search vendor "Ivanti" for product "Connect Secure" and version "9.1"
r11
Affected
Ivanti
Search vendor "Ivanti"
Connect Secure
Search vendor "Ivanti" for product "Connect Secure"
9.1
Search vendor "Ivanti" for product "Connect Secure" and version "9.1"
r11.5
Affected
Ivanti
Search vendor "Ivanti"
Connect Secure
Search vendor "Ivanti" for product "Connect Secure"
9.1
Search vendor "Ivanti" for product "Connect Secure" and version "9.1"
r12
Affected
Ivanti
Search vendor "Ivanti"
Connect Secure
Search vendor "Ivanti" for product "Connect Secure"
9.1
Search vendor "Ivanti" for product "Connect Secure" and version "9.1"
r13
Affected
Ivanti
Search vendor "Ivanti"
Connect Secure
Search vendor "Ivanti" for product "Connect Secure"
9.1
Search vendor "Ivanti" for product "Connect Secure" and version "9.1"
r14, lts
Affected
Ivanti
Search vendor "Ivanti"
Connect Secure
Search vendor "Ivanti" for product "Connect Secure"
9.1
Search vendor "Ivanti" for product "Connect Secure" and version "9.1"
r15
Affected
Ivanti
Search vendor "Ivanti"
Connect Secure
Search vendor "Ivanti" for product "Connect Secure"
9.1
Search vendor "Ivanti" for product "Connect Secure" and version "9.1"
r16
Affected
Ivanti
Search vendor "Ivanti"
Connect Secure
Search vendor "Ivanti" for product "Connect Secure"
9.1
Search vendor "Ivanti" for product "Connect Secure" and version "9.1"
r17
Affected
Ivanti
Search vendor "Ivanti"
Connect Secure
Search vendor "Ivanti" for product "Connect Secure"
9.1
Search vendor "Ivanti" for product "Connect Secure" and version "9.1"
r18
Affected
Ivanti
Search vendor "Ivanti"
Connect Secure
Search vendor "Ivanti" for product "Connect Secure"
9.1
Search vendor "Ivanti" for product "Connect Secure" and version "9.1"
r2
Affected
Ivanti
Search vendor "Ivanti"
Connect Secure
Search vendor "Ivanti" for product "Connect Secure"
9.1
Search vendor "Ivanti" for product "Connect Secure" and version "9.1"
r3
Affected
Ivanti
Search vendor "Ivanti"
Connect Secure
Search vendor "Ivanti" for product "Connect Secure"
9.1
Search vendor "Ivanti" for product "Connect Secure" and version "9.1"
r4
Affected
Ivanti
Search vendor "Ivanti"
Connect Secure
Search vendor "Ivanti" for product "Connect Secure"
9.1
Search vendor "Ivanti" for product "Connect Secure" and version "9.1"
r4.1
Affected
Ivanti
Search vendor "Ivanti"
Connect Secure
Search vendor "Ivanti" for product "Connect Secure"
9.1
Search vendor "Ivanti" for product "Connect Secure" and version "9.1"
r4.2
Affected
Ivanti
Search vendor "Ivanti"
Connect Secure
Search vendor "Ivanti" for product "Connect Secure"
9.1
Search vendor "Ivanti" for product "Connect Secure" and version "9.1"
r4.3
Affected
Ivanti
Search vendor "Ivanti"
Connect Secure
Search vendor "Ivanti" for product "Connect Secure"
9.1
Search vendor "Ivanti" for product "Connect Secure" and version "9.1"
r5
Affected
Ivanti
Search vendor "Ivanti"
Connect Secure
Search vendor "Ivanti" for product "Connect Secure"
9.1
Search vendor "Ivanti" for product "Connect Secure" and version "9.1"
r6
Affected
Ivanti
Search vendor "Ivanti"
Connect Secure
Search vendor "Ivanti" for product "Connect Secure"
9.1
Search vendor "Ivanti" for product "Connect Secure" and version "9.1"
r7
Affected
Ivanti
Search vendor "Ivanti"
Connect Secure
Search vendor "Ivanti" for product "Connect Secure"
9.1
Search vendor "Ivanti" for product "Connect Secure" and version "9.1"
r8
Affected
Ivanti
Search vendor "Ivanti"
Connect Secure
Search vendor "Ivanti" for product "Connect Secure"
9.1
Search vendor "Ivanti" for product "Connect Secure" and version "9.1"
r9
Affected
Ivanti
Search vendor "Ivanti"
Connect Secure
Search vendor "Ivanti" for product "Connect Secure"
22.1
Search vendor "Ivanti" for product "Connect Secure" and version "22.1"
-
Affected
Ivanti
Search vendor "Ivanti"
Connect Secure
Search vendor "Ivanti" for product "Connect Secure"
22.2
Search vendor "Ivanti" for product "Connect Secure" and version "22.2"
-
Affected
Ivanti
Search vendor "Ivanti"
Connect Secure
Search vendor "Ivanti" for product "Connect Secure"
22.3
Search vendor "Ivanti" for product "Connect Secure" and version "22.3"
-
Affected
Ivanti
Search vendor "Ivanti"
Connect Secure
Search vendor "Ivanti" for product "Connect Secure"
22.4
Search vendor "Ivanti" for product "Connect Secure" and version "22.4"
-
Affected
Ivanti
Search vendor "Ivanti"
Connect Secure
Search vendor "Ivanti" for product "Connect Secure"
22.5
Search vendor "Ivanti" for product "Connect Secure" and version "22.5"
-
Affected
Ivanti
Search vendor "Ivanti"
Connect Secure
Search vendor "Ivanti" for product "Connect Secure"
22.6
Search vendor "Ivanti" for product "Connect Secure" and version "22.6"
-
Affected
Ivanti
Search vendor "Ivanti"
Policy Secure
Search vendor "Ivanti" for product "Policy Secure"
9.0
Search vendor "Ivanti" for product "Policy Secure" and version "9.0"
-
Affected
Ivanti
Search vendor "Ivanti"
Policy Secure
Search vendor "Ivanti" for product "Policy Secure"
9.0
Search vendor "Ivanti" for product "Policy Secure" and version "9.0"
r1
Affected
Ivanti
Search vendor "Ivanti"
Policy Secure
Search vendor "Ivanti" for product "Policy Secure"
9.0
Search vendor "Ivanti" for product "Policy Secure" and version "9.0"
r2
Affected
Ivanti
Search vendor "Ivanti"
Policy Secure
Search vendor "Ivanti" for product "Policy Secure"
9.0
Search vendor "Ivanti" for product "Policy Secure" and version "9.0"
r2.1
Affected
Ivanti
Search vendor "Ivanti"
Policy Secure
Search vendor "Ivanti" for product "Policy Secure"
9.0
Search vendor "Ivanti" for product "Policy Secure" and version "9.0"
r3
Affected
Ivanti
Search vendor "Ivanti"
Policy Secure
Search vendor "Ivanti" for product "Policy Secure"
9.0
Search vendor "Ivanti" for product "Policy Secure" and version "9.0"
r3.1
Affected
Ivanti
Search vendor "Ivanti"
Policy Secure
Search vendor "Ivanti" for product "Policy Secure"
9.0
Search vendor "Ivanti" for product "Policy Secure" and version "9.0"
r4
Affected
Ivanti
Search vendor "Ivanti"
Policy Secure
Search vendor "Ivanti" for product "Policy Secure"
9.1
Search vendor "Ivanti" for product "Policy Secure" and version "9.1"
-
Affected
Ivanti
Search vendor "Ivanti"
Policy Secure
Search vendor "Ivanti" for product "Policy Secure"
9.1
Search vendor "Ivanti" for product "Policy Secure" and version "9.1"
r1
Affected
Ivanti
Search vendor "Ivanti"
Policy Secure
Search vendor "Ivanti" for product "Policy Secure"
9.1
Search vendor "Ivanti" for product "Policy Secure" and version "9.1"
r10
Affected
Ivanti
Search vendor "Ivanti"
Policy Secure
Search vendor "Ivanti" for product "Policy Secure"
9.1
Search vendor "Ivanti" for product "Policy Secure" and version "9.1"
r11
Affected
Ivanti
Search vendor "Ivanti"
Policy Secure
Search vendor "Ivanti" for product "Policy Secure"
9.1
Search vendor "Ivanti" for product "Policy Secure" and version "9.1"
r12
Affected
Ivanti
Search vendor "Ivanti"
Policy Secure
Search vendor "Ivanti" for product "Policy Secure"
9.1
Search vendor "Ivanti" for product "Policy Secure" and version "9.1"
r13
Affected
Ivanti
Search vendor "Ivanti"
Policy Secure
Search vendor "Ivanti" for product "Policy Secure"
9.1
Search vendor "Ivanti" for product "Policy Secure" and version "9.1"
r14
Affected
Ivanti
Search vendor "Ivanti"
Policy Secure
Search vendor "Ivanti" for product "Policy Secure"
9.1
Search vendor "Ivanti" for product "Policy Secure" and version "9.1"
r15
Affected
Ivanti
Search vendor "Ivanti"
Policy Secure
Search vendor "Ivanti" for product "Policy Secure"
9.1
Search vendor "Ivanti" for product "Policy Secure" and version "9.1"
r16
Affected
Ivanti
Search vendor "Ivanti"
Policy Secure
Search vendor "Ivanti" for product "Policy Secure"
9.1
Search vendor "Ivanti" for product "Policy Secure" and version "9.1"
r17
Affected
Ivanti
Search vendor "Ivanti"
Policy Secure
Search vendor "Ivanti" for product "Policy Secure"
9.1
Search vendor "Ivanti" for product "Policy Secure" and version "9.1"
r18
Affected
Ivanti
Search vendor "Ivanti"
Policy Secure
Search vendor "Ivanti" for product "Policy Secure"
9.1
Search vendor "Ivanti" for product "Policy Secure" and version "9.1"
r2
Affected
Ivanti
Search vendor "Ivanti"
Policy Secure
Search vendor "Ivanti" for product "Policy Secure"
9.1
Search vendor "Ivanti" for product "Policy Secure" and version "9.1"
r3
Affected
Ivanti
Search vendor "Ivanti"
Policy Secure
Search vendor "Ivanti" for product "Policy Secure"
9.1
Search vendor "Ivanti" for product "Policy Secure" and version "9.1"
r4
Affected
Ivanti
Search vendor "Ivanti"
Policy Secure
Search vendor "Ivanti" for product "Policy Secure"
9.1
Search vendor "Ivanti" for product "Policy Secure" and version "9.1"
r5
Affected
Ivanti
Search vendor "Ivanti"
Policy Secure
Search vendor "Ivanti" for product "Policy Secure"
9.1
Search vendor "Ivanti" for product "Policy Secure" and version "9.1"
r6
Affected
Ivanti
Search vendor "Ivanti"
Policy Secure
Search vendor "Ivanti" for product "Policy Secure"
9.1
Search vendor "Ivanti" for product "Policy Secure" and version "9.1"
r7
Affected
Ivanti
Search vendor "Ivanti"
Policy Secure
Search vendor "Ivanti" for product "Policy Secure"
9.1
Search vendor "Ivanti" for product "Policy Secure" and version "9.1"
r8
Affected
Ivanti
Search vendor "Ivanti"
Policy Secure
Search vendor "Ivanti" for product "Policy Secure"
9.1
Search vendor "Ivanti" for product "Policy Secure" and version "9.1"
r9
Affected
Ivanti
Search vendor "Ivanti"
Policy Secure
Search vendor "Ivanti" for product "Policy Secure"
22.1
Search vendor "Ivanti" for product "Policy Secure" and version "22.1"
-
Affected
Ivanti
Search vendor "Ivanti"
Policy Secure
Search vendor "Ivanti" for product "Policy Secure"
22.2
Search vendor "Ivanti" for product "Policy Secure" and version "22.2"
-
Affected
Ivanti
Search vendor "Ivanti"
Policy Secure
Search vendor "Ivanti" for product "Policy Secure"
22.3
Search vendor "Ivanti" for product "Policy Secure" and version "22.3"
-
Affected
Ivanti
Search vendor "Ivanti"
Policy Secure
Search vendor "Ivanti" for product "Policy Secure"
22.4
Search vendor "Ivanti" for product "Policy Secure" and version "22.4"
-
Affected
Ivanti
Search vendor "Ivanti"
Policy Secure
Search vendor "Ivanti" for product "Policy Secure"
22.5
Search vendor "Ivanti" for product "Policy Secure" and version "22.5"
-
Affected
Ivanti
Search vendor "Ivanti"
Policy Secure
Search vendor "Ivanti" for product "Policy Secure"
22.6
Search vendor "Ivanti" for product "Policy Secure" and version "22.6"
-
Affected