CVE-2024-37404

high

Description

The vulnerability allows a remote authenticated attacker to achieve remote code execution on affected systems. If successfully exploited, an attacker would potentially have the ability to execute arbitrary code on the target system with system-level privileges, gain full control over the affected Ivanti device, access or modify sensitive data and configurations, and/or use the compromised system as a foothold to move laterally in the network.

Details

Source: Mitre, NVD

Published: 2024-10-10

Risk Information

CVSS v2

Base Score: 9

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H