admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-11-30 18:56:19 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2024/CVE-2024-22024.md
marc 555e9c7de4 Update Sat May 25 21:48:12 CEST 2024
2024-05-25 21:48:12 +02:00

25 lines
1.1 KiB
Markdown
Raw Blame History

### [CVE-2024-22024](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22024)
![](https://img.shields.io/static/v1?label=Product&message=ICS&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=IPS&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=9.1R15.3%3C%209.1R15.3%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
### Description
An XML external entity or XXE vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x), Ivanti Policy Secure (9.x, 22.x) and ZTA gateways which allows an attacker to access certain restricted resources without authentication.
### POC
#### Reference
No PoCs from references.
#### Github
- https://github.com/0dteam/CVE-2024-22024
- https://github.com/Ostorlab/KEV
- https://github.com/fkie-cad/nvd-json-data-feeds
- https://github.com/inguardians/ivanti-VPN-issues-2024-research
- https://github.com/labesterOct/CVE-2024-22024
- https://github.com/netlas-io/netlas-dorks
- https://github.com/nomi-sec/PoC-in-GitHub
Reference in New Issue View Git Blame Copy Permalink