Unrated severityCISA KEVNVD Advisory· Published Jan 31, 2024· Updated Oct 21, 2025
CVE-2024-21893
CVE-2024-21893
Description
A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication.
Affected products
5- Range: 9.x, 22.x
- Range: 9.x, 22.x
- Ivanti/ICSv5Range: 9.1R18
- Ivanti/IPSv5Range: 9.1R18
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.