Unrated severityNVD Advisory· Published Apr 4, 2024· Updated Oct 3, 2024
CVE-2024-21894
CVE-2024-21894
Description
A heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack. In certain conditions this may lead to execution of arbitrary code
Affected products
49.x, 22.x+ 1 more
- (no CPE)range: 9.x, 22.x
- (no CPE)range: 22.1R6.2
(expand)+ 1 more
- (no CPE)
- (no CPE)range: 22.4R1.2
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.