VYPR
Unrated severityCISA KEVNVD Advisory· Published Jan 12, 2024· Updated Oct 21, 2025

CVE-2024-21887

CVE-2024-21887

Description

A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4

Patches

Vulnerability mechanics

References

2

News mentions

3