Unrated severityNVD Advisory· Published Feb 13, 2024· Updated May 9, 2025
CVE-2024-22024
CVE-2024-22024
Description
An XML external entity or XXE vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x), Ivanti Policy Secure (9.x, 22.x) and ZTA gateways which allows an attacker to access certain restricted resources without authentication.
Affected products
5- Range: 9.x, 22.x
- Range: 9.x, 22.x
- Ivant/ICSv5Range: 9.1R15.3
- Ivanti/ICSv5Range: 9.1R14.5
- Ivanti/IPSv5Range: 9.1R18.4
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.