Ivanti Connect Secure 9.x / 22.x Server-Side Request Forgery

critical Web App Scanning Plugin ID 114196

Synopsis

Ivanti Connect Secure 9.x / 22.x Server-Side Request Forgery

Description

Ivanti Connect Secure 9.x, 22.x suffers from a Server-Side Request Forgery.

By crafting a specific HTTP request, a remote attacker could exploit this vulnerability to access certain restricted resources without authentication.

Solution

Apply `mitigation.release.20240126.5.xml` hotfix from vendor website.

See Also

https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US

https://github.com/advisories/GHSA-5rr9-mqhj-7cr2

https://www.assetnote.io/resources/research/ivantis-pulse-connect-secure-auth-bypass-round-two

Plugin Details

Severity: Critical

ID: 114196

Type: remote

Published: 2/7/2024

Updated: 2/7/2024

Scan Template: basic, full, pci, scan

Risk Information

VPR

Risk Factor: High

Score: 7.3

CVSS v2

Risk Factor: High

Base Score: 8.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:P/A:N

CVSS Score Source: CVE-2024-21893

CVSS v3

Risk Factor: High

Base Score: 8.2

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

CVSS Score Source: CVE-2024-21893

CVSS v4

Risk Factor: Critical

Base Score: 9.2

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:H/SI:L/SA:N

CVSS Score Source: CVE-2024-21893

Vulnerability Information

CPE: cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*

Exploit Available: true

CISA Known Exploited Vulnerability Due Dates: 2/2/2024

Reference Information

CVE: CVE-2024-21893