nvd-json-data-feeds/CVE-2024/CVE-2024-220xx/CVE-2024-22023.json

{
  "id": "CVE-2024-22023",
  "sourceIdentifier": "support@hackerone.com",
  "published": "2024-04-04T20:15:08.130",
  "lastModified": "2024-11-21T08:55:25.000",
  "vulnStatus": "Modified",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An XML entity expansion or XEE vulnerability in SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated attacker to send specially crafted XML requests in-order-to temporarily cause resource exhaustion thereby resulting in a limited-time DoS. "
    },
    {
      "lang": "es",
      "value": "Una expansi\u00f3n de entidad XML o vulnerabilidad XEE en el componente SAML de Ivanti Connect Secure (9.x, 22.x) e Ivanti Policy Secure permite que un atacante no autenticado env\u00ede solicitudes XML especialmente manipuladas para causar temporalmente el agotamiento de los recursos, lo que resulta en una DoS por tiempo limitado."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "availabilityImpact": "LOW"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4
      }
    ],
    "cvssMetricV30": [
      {
        "source": "support@hackerone.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.0",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "availabilityImpact": "LOW"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-476"
        }
      ]
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-703"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "4B21C181-DC49-4EBD-9932-DBB337151FF7"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r10:*:*:*:*:*:*",
              "matchCriteriaId": "5A3A93FE-41BF-43F2-9EFC-89656182329F"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11:*:*:*:*:*:*",
              "matchCriteriaId": "8D5F47BA-DE6D-443D-95C3-A45F80EDC71E"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.5:*:*:*:*:*:*",
              "matchCriteriaId": "2DDDA231-2A5E-4C70-8620-535C7F9027A4"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r12:*:*:*:*:*:*",
              "matchCriteriaId": "32E0B425-A9BA-4D00-84A9-46268072D696"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r13:*:*:*:*:*:*",
              "matchCriteriaId": "65435A96-EF7A-439A-AA6C-CB7EAEF0A963"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r14:*:*:lts:*:*:*",
              "matchCriteriaId": "4F06BC30-D62D-4A8F-8279-69C1A4A77357"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r15:*:*:*:*:*:*",
              "matchCriteriaId": "CE228FBD-5AD1-4BC6-AF63-5248E671B04F"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r16:*:*:*:*:*:*",
              "matchCriteriaId": "44C26423-8621-4F6D-A45B-0A6B6E873AB6"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r17:*:*:*:*:*:*",
              "matchCriteriaId": "DB6CEA16-F422-48F1-9473-3931B1BFA63F"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r18:*:*:*:*:*:*",
              "matchCriteriaId": "28FDE909-711C-41EC-8BA6-AC4DE05EA27E"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "4FEFC4B1-7350-46F9-80C1-42F5AE06142F"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "DB7A6D62-6576-4713-9BF4-11068A72E8B7"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "843BC1B9-50CC-4F8F-A454-A0CEC6E92290"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.1:*:*:*:*:*:*",
              "matchCriteriaId": "D5355372-03EA-46D7-9104-A2785C29B664"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.2:*:*:*:*:*:*",
              "matchCriteriaId": "3DE32A0C-8944-4F51-A286-266055CA4B2F"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:*",
              "matchCriteriaId": "0349A0CC-A372-4E51-899E-D7BA67876F4B"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "93D1A098-BD77-4A7B-9070-A764FB435981"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "3CCC2D7B-F835-45EC-A316-2F0C5F2CF565"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AD812596-C77C-4129-982F-C22A25B52126"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8:*:*:*:*:*:*",
              "matchCriteriaId": "9FA0B20D-3FA1-42AE-BDC5-93D8A182927C"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r9:*:*:*:*:*:*",
              "matchCriteriaId": "16DAA769-8F0D-4C54-A8D9-9902995605B0"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FCEFEAE-2A69-4B54-B59F-207E182587B7"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "03E34306-6D29-44FF-914C-F56A0BDB9BE6"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "72229EFD-B5F2-4EFA-9B62-8CB30767E9A7"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1FDDA64-2FFB-424B-84C3-5D12B023BEE8"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF23F7CD-2A2F-4074-9711-7AF001D27693"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:connect_secure:22.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DCED84C-D9C4-4863-8323-721C3009046E"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "AFE8DB4A-9891-4647-82E2-EB5D377CAD25"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r1:*:*:*:*:*:*",
              "matchCriteriaId": "26B25B34-7BD0-471B-A396-45CE5420E963"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r2:*:*:*:*:*:*",
              "matchCriteriaId": "AA514C05-2834-4C7B-B022-02B41C9AAD6A"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r2.1:*:*:*:*:*:*",
              "matchCriteriaId": "0929C645-DACB-4341-9032-7C79FFC8BCF0"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r3:*:*:*:*:*:*",
              "matchCriteriaId": "0D36CB5A-8389-4F2F-882A-4E8F30028799"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r3.1:*:*:*:*:*:*",
              "matchCriteriaId": "517DA74B-9D69-45E1-A707-A08A305A507C"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r4:*:*:*:*:*:*",
              "matchCriteriaId": "F72C00C7-017C-4C25-99B0-D7D42D969E92"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "6418A649-3A63-40CC-BD7C-309B3B0B2595"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "A07B66E0-A679-4912-8CB1-CD134713EDC7"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r10:*:*:*:*:*:*",
              "matchCriteriaId": "BF767F07-2E9F-4099-829D-2F70E85D8A35"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r11:*:*:*:*:*:*",
              "matchCriteriaId": "B994E22B-8FA5-4510-82F6-7820BDA7C307"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r12:*:*:*:*:*:*",
              "matchCriteriaId": "FE5C4ABC-2BEB-4741-95B3-303903369818"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r13:*:*:*:*:*:*",
              "matchCriteriaId": "D50C5526-F791-4C76-B5C0-DA2E1281C9E2"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r14:*:*:*:*:*:*",
              "matchCriteriaId": "7A53C031-E7A5-47B6-BA4A-DD28432E743F"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r15:*:*:*:*:*:*",
              "matchCriteriaId": "4BEE355B-1C2D-4BEB-8922-EAEAA5A1FAE8"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r16:*:*:*:*:*:*",
              "matchCriteriaId": "B90687F3-A5C1-4706-AD66-D78EE512E4C9"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r17:*:*:*:*:*:*",
              "matchCriteriaId": "D10A3F2D-6A62-4A48-93FB-274527C821D2"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r18:*:*:*:*:*:*",
              "matchCriteriaId": "811C7E7E-89AB-47DF-BACD-ED478DF756BC"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "6D37A6E4-D58E-444D-AF6A-15461F38E81A"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "FC2B9DA0-E32B-4125-9986-F0D3814C66E9"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "C9A5BA3E-D6B3-453D-8DDF-FF16859FD0F8"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "6BE937D2-8BEE-4E64-8738-F550EAD00F50"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "9C753520-1BC6-4980-AFC9-4C2FDDF2FD18"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r7:*:*:*:*:*:*",
              "matchCriteriaId": "AC3863BC-3B9A-402B-A74A-149CDF717EC6"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r8:*:*:*:*:*:*",
              "matchCriteriaId": "E3C09D51-FDA0-4D07-87D8-F527C8CBDAFB"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r9:*:*:*:*:*:*",
              "matchCriteriaId": "092DA2A3-5CEF-433F-8E5B-4850E4095CC4"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "943AE706-D105-4F10-9CEE-DFED2B398BE8"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "97BA5833-4D1C-49FE-AED1-C05739C70D9C"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF784115-7006-49AE-96B9-E983936733B6"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F070F30-4AFE-4A02-843D-702F08F29630"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BC6B43E-6BBF-421A-9F9C-41FEBA72712B"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ivanti:policy_secure:22.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "EED7C69C-6F3E-442E-BEBE-57E14AA2165F"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US",
      "source": "support@hackerone.com",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ]
    }
  ]
}
Auto-Update: 2024-04-04T22:00:37.865222+00:00 2024-04-04 22:03:28 +00:00			`{`
			`"id": "CVE-2024-22023",`
			`"sourceIdentifier": "support@hackerone.com",`
			`"published": "2024-04-04T20:15:08.130",`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"lastModified": "2024-11-21T08:55:25.000",`
Auto-Update: 2024-07-03T02:00:33.205262+00:00 2024-07-03 02:03:28 +00:00			`"vulnStatus": "Modified",`
			`"cveTags": [],`
Auto-Update: 2024-04-04T22:00:37.865222+00:00 2024-04-04 22:03:28 +00:00			`"descriptions": [`
			`{`
			`"lang": "en",`
			`"value": "An XML entity expansion or XEE vulnerability in SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated attacker to send specially crafted XML requests in-order-to temporarily cause resource exhaustion thereby resulting in a limited-time DoS. "`
Auto-Update: 2024-04-05T14:00:38.541853+00:00 2024-04-05 14:03:28 +00:00			`},`
			`{`
			`"lang": "es",`
			`"value": "Una expansi\u00f3n de entidad XML o vulnerabilidad XEE en el componente SAML de Ivanti Connect Secure (9.x, 22.x) e Ivanti Policy Secure permite que un atacante no autenticado env\u00ede solicitudes XML especialmente manipuladas para causar temporalmente el agotamiento de los recursos, lo que resulta en una DoS por tiempo limitado."`
Auto-Update: 2024-04-04T22:00:37.865222+00:00 2024-04-04 22:03:28 +00:00			`}`
			`],`
			`"metrics": {`
Auto-Update: 2024-04-08T23:55:30.992103+00:00 2024-04-08 23:58:20 +00:00			`"cvssMetricV31": [`
			`{`
			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
			`"cvssData": {`
			`"version": "3.1",`
			`"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"baseScore": 5.3,`
			`"baseSeverity": "MEDIUM",`
Auto-Update: 2024-04-08T23:55:30.992103+00:00 2024-04-08 23:58:20 +00:00			`"attackVector": "NETWORK",`
			`"attackComplexity": "LOW",`
			`"privilegesRequired": "NONE",`
			`"userInteraction": "NONE",`
			`"scope": "UNCHANGED",`
			`"confidentialityImpact": "NONE",`
			`"integrityImpact": "NONE",`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"availabilityImpact": "LOW"`
Auto-Update: 2024-04-08T23:55:30.992103+00:00 2024-04-08 23:58:20 +00:00			`},`
			`"exploitabilityScore": 3.9,`
			`"impactScore": 1.4`
			`}`
			`],`
Auto-Update: 2024-04-04T22:00:37.865222+00:00 2024-04-04 22:03:28 +00:00			`"cvssMetricV30": [`
			`{`
			`"source": "support@hackerone.com",`
			`"type": "Secondary",`
			`"cvssData": {`
			`"version": "3.0",`
			`"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"baseScore": 5.3,`
			`"baseSeverity": "MEDIUM",`
Auto-Update: 2024-04-04T22:00:37.865222+00:00 2024-04-04 22:03:28 +00:00			`"attackVector": "NETWORK",`
			`"attackComplexity": "LOW",`
			`"privilegesRequired": "NONE",`
			`"userInteraction": "NONE",`
			`"scope": "UNCHANGED",`
			`"confidentialityImpact": "NONE",`
			`"integrityImpact": "NONE",`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"availabilityImpact": "LOW"`
Auto-Update: 2024-04-04T22:00:37.865222+00:00 2024-04-04 22:03:28 +00:00			`},`
			`"exploitabilityScore": 3.9,`
			`"impactScore": 1.4`
			`}`
			`]`
			`},`
Auto-Update: 2024-04-08T23:55:30.992103+00:00 2024-04-08 23:58:20 +00:00			`"weaknesses": [`
			`{`
			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
			`"description": [`
			`{`
			`"lang": "en",`
			`"value": "CWE-476"`
			`}`
			`]`
Auto-Update: 2024-07-03T02:00:33.205262+00:00 2024-07-03 02:03:28 +00:00			`},`
			`{`
			`"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",`
			`"type": "Secondary",`
			`"description": [`
			`{`
			`"lang": "en",`
Auto-Update: 2024-10-03T23:55:17.515048+00:00 2024-10-03 23:58:17 +00:00			`"value": "CWE-703"`
Auto-Update: 2024-07-03T02:00:33.205262+00:00 2024-07-03 02:03:28 +00:00			`}`
			`]`
Auto-Update: 2024-04-08T23:55:30.992103+00:00 2024-04-08 23:58:20 +00:00			`}`
			`],`
			`"configurations": [`
			`{`
			`"nodes": [`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r1::::::",`
			`"matchCriteriaId": "4B21C181-DC49-4EBD-9932-DBB337151FF7"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r10::::::",`
			`"matchCriteriaId": "5A3A93FE-41BF-43F2-9EFC-89656182329F"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11::::::",`
			`"matchCriteriaId": "8D5F47BA-DE6D-443D-95C3-A45F80EDC71E"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.5::::::",`
			`"matchCriteriaId": "2DDDA231-2A5E-4C70-8620-535C7F9027A4"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r12::::::",`
			`"matchCriteriaId": "32E0B425-A9BA-4D00-84A9-46268072D696"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r13::::::",`
			`"matchCriteriaId": "65435A96-EF7A-439A-AA6C-CB7EAEF0A963"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r14:::lts:::*",`
			`"matchCriteriaId": "4F06BC30-D62D-4A8F-8279-69C1A4A77357"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r15::::::",`
			`"matchCriteriaId": "CE228FBD-5AD1-4BC6-AF63-5248E671B04F"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r16::::::",`
			`"matchCriteriaId": "44C26423-8621-4F6D-A45B-0A6B6E873AB6"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r17::::::",`
			`"matchCriteriaId": "DB6CEA16-F422-48F1-9473-3931B1BFA63F"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r18::::::",`
			`"matchCriteriaId": "28FDE909-711C-41EC-8BA6-AC4DE05EA27E"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r2::::::",`
			`"matchCriteriaId": "4FEFC4B1-7350-46F9-80C1-42F5AE06142F"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r3::::::",`
			`"matchCriteriaId": "DB7A6D62-6576-4713-9BF4-11068A72E8B7"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4::::::",`
			`"matchCriteriaId": "843BC1B9-50CC-4F8F-A454-A0CEC6E92290"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.1::::::",`
			`"matchCriteriaId": "D5355372-03EA-46D7-9104-A2785C29B664"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.2::::::",`
			`"matchCriteriaId": "3DE32A0C-8944-4F51-A286-266055CA4B2F"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.3::::::",`
			`"matchCriteriaId": "0349A0CC-A372-4E51-899E-D7BA67876F4B"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r5::::::",`
			`"matchCriteriaId": "93D1A098-BD77-4A7B-9070-A764FB435981"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r6::::::",`
			`"matchCriteriaId": "3CCC2D7B-F835-45EC-A316-2F0C5F2CF565"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r7::::::",`
			`"matchCriteriaId": "AD812596-C77C-4129-982F-C22A25B52126"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8::::::",`
			`"matchCriteriaId": "9FA0B20D-3FA1-42AE-BDC5-93D8A182927C"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r9::::::",`
			`"matchCriteriaId": "16DAA769-8F0D-4C54-A8D9-9902995605B0"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:connect_secure:22.1:::::::*",`
			`"matchCriteriaId": "9FCEFEAE-2A69-4B54-B59F-207E182587B7"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:connect_secure:22.2:::::::*",`
			`"matchCriteriaId": "03E34306-6D29-44FF-914C-F56A0BDB9BE6"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:connect_secure:22.3:::::::*",`
			`"matchCriteriaId": "72229EFD-B5F2-4EFA-9B62-8CB30767E9A7"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:connect_secure:22.4:::::::*",`
			`"matchCriteriaId": "D1FDDA64-2FFB-424B-84C3-5D12B023BEE8"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:connect_secure:22.5:::::::*",`
			`"matchCriteriaId": "DF23F7CD-2A2F-4074-9711-7AF001D27693"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:connect_secure:22.6:::::::*",`
			`"matchCriteriaId": "3DCED84C-D9C4-4863-8323-721C3009046E"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:-::::::",`
			`"matchCriteriaId": "AFE8DB4A-9891-4647-82E2-EB5D377CAD25"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r1::::::",`
			`"matchCriteriaId": "26B25B34-7BD0-471B-A396-45CE5420E963"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r2::::::",`
			`"matchCriteriaId": "AA514C05-2834-4C7B-B022-02B41C9AAD6A"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r2.1::::::",`
			`"matchCriteriaId": "0929C645-DACB-4341-9032-7C79FFC8BCF0"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r3::::::",`
			`"matchCriteriaId": "0D36CB5A-8389-4F2F-882A-4E8F30028799"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r3.1::::::",`
			`"matchCriteriaId": "517DA74B-9D69-45E1-A707-A08A305A507C"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r4::::::",`
			`"matchCriteriaId": "F72C00C7-017C-4C25-99B0-D7D42D969E92"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:-::::::",`
			`"matchCriteriaId": "6418A649-3A63-40CC-BD7C-309B3B0B2595"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r1::::::",`
			`"matchCriteriaId": "A07B66E0-A679-4912-8CB1-CD134713EDC7"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r10::::::",`
			`"matchCriteriaId": "BF767F07-2E9F-4099-829D-2F70E85D8A35"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r11::::::",`
			`"matchCriteriaId": "B994E22B-8FA5-4510-82F6-7820BDA7C307"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r12::::::",`
			`"matchCriteriaId": "FE5C4ABC-2BEB-4741-95B3-303903369818"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r13::::::",`
			`"matchCriteriaId": "D50C5526-F791-4C76-B5C0-DA2E1281C9E2"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r14::::::",`
			`"matchCriteriaId": "7A53C031-E7A5-47B6-BA4A-DD28432E743F"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r15::::::",`
			`"matchCriteriaId": "4BEE355B-1C2D-4BEB-8922-EAEAA5A1FAE8"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r16::::::",`
			`"matchCriteriaId": "B90687F3-A5C1-4706-AD66-D78EE512E4C9"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r17::::::",`
			`"matchCriteriaId": "D10A3F2D-6A62-4A48-93FB-274527C821D2"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r18::::::",`
			`"matchCriteriaId": "811C7E7E-89AB-47DF-BACD-ED478DF756BC"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r2::::::",`
			`"matchCriteriaId": "6D37A6E4-D58E-444D-AF6A-15461F38E81A"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3::::::",`
			`"matchCriteriaId": "FC2B9DA0-E32B-4125-9986-F0D3814C66E9"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4::::::",`
			`"matchCriteriaId": "C9A5BA3E-D6B3-453D-8DDF-FF16859FD0F8"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r5::::::",`
			`"matchCriteriaId": "6BE937D2-8BEE-4E64-8738-F550EAD00F50"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r6::::::",`
			`"matchCriteriaId": "9C753520-1BC6-4980-AFC9-4C2FDDF2FD18"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r7::::::",`
			`"matchCriteriaId": "AC3863BC-3B9A-402B-A74A-149CDF717EC6"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r8::::::",`
			`"matchCriteriaId": "E3C09D51-FDA0-4D07-87D8-F527C8CBDAFB"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r9::::::",`
			`"matchCriteriaId": "092DA2A3-5CEF-433F-8E5B-4850E4095CC4"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:policy_secure:22.1:::::::*",`
			`"matchCriteriaId": "943AE706-D105-4F10-9CEE-DFED2B398BE8"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:policy_secure:22.2:::::::*",`
			`"matchCriteriaId": "97BA5833-4D1C-49FE-AED1-C05739C70D9C"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:policy_secure:22.3:::::::*",`
			`"matchCriteriaId": "EF784115-7006-49AE-96B9-E983936733B6"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:policy_secure:22.4:::::::*",`
			`"matchCriteriaId": "6F070F30-4AFE-4A02-843D-702F08F29630"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:policy_secure:22.5:::::::*",`
			`"matchCriteriaId": "4BC6B43E-6BBF-421A-9F9C-41FEBA72712B"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ivanti:policy_secure:22.6:::::::*",`
			`"matchCriteriaId": "EED7C69C-6F3E-442E-BEBE-57E14AA2165F"`
			`}`
			`]`
			`}`
			`]`
			`}`
			`],`
Auto-Update: 2024-04-04T22:00:37.865222+00:00 2024-04-04 22:03:28 +00:00			`"references": [`
			`{`
			`"url": "https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US",`
Auto-Update: 2024-04-08T23:55:30.992103+00:00 2024-04-08 23:58:20 +00:00			`"source": "support@hackerone.com",`
			`"tags": [`
			`"Vendor Advisory"`
			`]`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`},`
			`{`
			`"url": "https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108",`
			`"tags": [`
			`"Vendor Advisory"`
			`]`
Auto-Update: 2024-04-04T22:00:37.865222+00:00 2024-04-04 22:03:28 +00:00			`}`
			`]`
			`}`