CVE-2024-22024
In short
A flaw in the SAML component allows attackers to read restricted files and resources on Ivanti Connect Secure, Policy Secure, and ZTA gateways without needing to log in. This happens because the system doesn't properly validate XML data, letting attackers inject external entity references.
Technical detail
An XXE (XML External Entity) vulnerability in the SAML processing logic of Ivanti Connect Secure and Policy Secure (versions 9.x, 22.x) and ZTA gateways permits unauthenticated attackers to access restricted resources. The vulnerability stems from insufficient validation of XML input, enabling entity expansion attacks to bypass access controls and retrieve sensitive data.
Summary generated and translated by AI from the official description.
An XML external entity or XXE vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x), Ivanti Policy Secure (9.x, 22.x) and ZTA gateways which allows an attacker to access certain restricted resources without authentication.
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
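The root cause described above is SAML XML being parsed without rejecting entity declarations. The following added example (not Ivanti's code and not the vendor fix) shows a defensive intake routine that refuses any SAML message containing a DOCTYPE or entity declaration before entities can be resolved. It assumes the HTTP-POST binding, where the message is plain base64; the function name, exception class and sample messages are constructed for illustration.

```python
import base64
import xml.parsers.expat


class UnsafeSamlXml(ValueError):
    """SAML message is malformed or carries a DTD / entity declaration."""


def parse_saml_root(b64_message: str) -> str:
    """Decode a base64 SAML message and return "<namespace> <root element>".

    Parsing aborts at the first DOCTYPE or entity declaration, so no
    entity (internal or external) is ever resolved.
    """
    try:
        xml_bytes = base64.b64decode(b64_message, validate=True)
    except ValueError as exc:  # binascii.Error is a ValueError subclass
        raise UnsafeSamlXml("invalid base64") from exc

    root = []

    def reject_doctype(name, system_id, public_id, has_internal_subset):
        raise UnsafeSamlXml("DOCTYPE declaration in SAML message")

    def reject_entity(*_args):
        raise UnsafeSamlXml("entity declaration in SAML message")

    def on_start(name, _attrs):
        if not root:
            root.append(name)

    parser = xml.parsers.expat.ParserCreate(namespace_separator=" ")
    parser.StartDoctypeDeclHandler = reject_doctype
    parser.EntityDeclHandler = reject_entity
    parser.StartElementHandler = on_start
    try:
        parser.Parse(xml_bytes, True)
    except xml.parsers.expat.ExpatError as exc:
        raise UnsafeSamlXml(f"malformed XML: {exc}") from exc
    return root[0]


# Constructed sample inputs (not captured traffic).
BENIGN = base64.b64encode(
    b'<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"'
    b' ID="_constructed1" Version="2.0"/>').decode()
WITH_DTD = base64.b64encode(
    b'<!DOCTYPE r [<!ENTITY e SYSTEM "http://example.invalid/e">]>'
    b'<r>&e;</r>').decode()
```

SAML messages have no legitimate need for a DTD, so rejecting the declaration outright is stricter and simpler than trying to filter individual entities.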