Ivanti Connect Secure and Policy Secure authentication bypass and command injection

Added: 01/18/2024

Background

Ivanti Connect Secure is a web-based remote access VPN.

Problem

An authentication bypass vulnerability and a command injection vulnerability when exploited together could allow a remote unauthenticated attacker to execute arbitrary commands.

Resolution

Apply the appropriate patch for your Ivanti product when available, or import the mitigation.release.20240107.1.xml file as a workaround. See the Ivanti knowledgebase article for more information.

References

https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways

Back to exploit index