CVE-2024-21893: Ivanti Connect Secure, Policy Secure, and Neurons Server-Side Request Forgery (SSRF) Vulnerability

First published: Wed Jan 31 2024(Updated: )

A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication.

Credit: support@hackerone.com support@hackerone.com

Affected Software	Affected Version	How to fix
Ivanti Connect Secure, Policy Secure, and Neurons
	=9.0
	=9.0-r1
	=9.0-r2
	=9.0-r2.1
	=9.0-r3
	=9.0-r3.1
	=9.0-r3.2
	=9.0-r3.3
	=9.0-r3.5
	=9.0-r4
	=9.0-r4.1
	=9.0-r5.0
	=9.0-r6.0
	=9.1-r1
	=9.1-r10
	=9.1-r11
	=9.1-r11.3
	=9.1-r11.4
	=9.1-r11.5
	=9.1-r12
	=9.1-r12.1
	=9.1-r13
	=9.1-r13.1
	=9.1-r14
	=9.1-r15
	=9.1-r15.2
	=9.1-r16
	=9.1-r16.1
	=9.1-r17
	=9.1-r17.1
	=9.1-r18
	=9.1-r18.1
	=9.1-r18.2
	=9.1-r2
	=9.1-r3
	=9.1-r4
	=9.1-r4.1
	=9.1-r4.2
	=9.1-r4.3
	=9.1-r5
	=9.1-r6
	=9.1-r7
	=9.1-r8
	=9.1-r8.1
	=9.1-r8.2
	=9.1-r9
	=9.1-r9.1
	=21.9-r1
	=21.12-r1
	=22.1-r1
	=22.1-r6
	=22.2
	=22.2-r1
	=22.3-r1
	=22.4-r1
	=22.4-r2.1
	=22.6
	=22.6-r1
	=22.6-r2
	=22.6-r2.1

	=9.0
	=9.0-r1
	=9.0-r2
	=9.0-r2.1
	=9.0-r3
	=9.0-r3.1
	=9.0-r4
	=9.1
	=9.1-r1
	=9.1-r10
	=9.1-r11
	=9.1-r12
	=9.1-r13
	=9.1-r13.1
	=9.1-r14
	=9.1-r15
	=9.1-r16
	=9.1-r17
	=9.1-r18
	=9.1-r18.1
	=9.1-r18.2
	=9.1-r2
	=9.1-r3
	=9.1-r3.1
	=9.1-r4
	=9.1-r4.1
	=9.1-r4.2
	=9.1-r4.3
	=9.1-r5
	=9.1-r6
	=9.1-r7
	=9.1-r8
	=9.1-r8.1
	=9.1-r8.2
	=9.1-r9
	=22.1-r1
	=22.1-r6
	=22.2-r1
	=22.2-r3
	=22.3-r1
	=22.3-r3
	=22.4-r1
	=22.4-r2
	=22.4-r2.1
	=22.5-r1
	=22.6-r1

Remedy

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Never miss a vulnerability like this again

Reference Links

Peer vulnerabilities

(Found alongside the following vulnerabilities)

collector/bleeping-computer
source/BleepingComputer
alias/CVE-2024-21893
alias/CVE-2024-21888
alias/CVE-2023-46805
alias/CVE-2024-21887
agent/type
collector/the-register
source/The Register
agent/remedy
agent/title
agent/first-publish-date
agent/description
alias/CVE-2024-22024
alias/CVE-2021-22893
agent/weakness
alias/CVE-2023-41265
alias/CVE-2023-41266
alias/CVE-2023-48365
alias/CVE-2022-24086
agent/severity
alias/CVE-2023-41724
alias/CVE-2023-46808
alias/CVE-2024-21894
collector/epss-latest
source/FIRST
agent/epss
zeroday/true
agent/news-ai
agent/softwarecombine
collector/mitre-cve
source/MITRE
alias/CVE-2024-7593
alias/CVE-2024-7569
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/last-modified-date
exploited/true
collector/cisa-known-exploited
source/CISA
agent/references
agent/event
collector/nvd-cve
agent/author
agent/tags
alias/CVE-2024-29847
alias/CVE-2023-39336
vendor/ivanti
canonical/ivanti connect secure
version/ivanti connect secure/9.0
version/ivanti connect secure/9.0-r1
version/ivanti connect secure/9.0-r2
version/ivanti connect secure/9.0-r2.1
version/ivanti connect secure/9.0-r3
version/ivanti connect secure/9.0-r3.1
version/ivanti connect secure/9.0-r3.2
version/ivanti connect secure/9.0-r3.3
version/ivanti connect secure/9.0-r3.5
version/ivanti connect secure/9.0-r4
version/ivanti connect secure/9.0-r4.1
version/ivanti connect secure/9.0-r5.0
version/ivanti connect secure/9.0-r6.0
version/ivanti connect secure/9.1-r1
version/ivanti connect secure/9.1-r10
version/ivanti connect secure/9.1-r11
version/ivanti connect secure/9.1-r11.3
version/ivanti connect secure/9.1-r11.4
version/ivanti connect secure/9.1-r11.5
version/ivanti connect secure/9.1-r12
version/ivanti connect secure/9.1-r12.1
version/ivanti connect secure/9.1-r13
version/ivanti connect secure/9.1-r13.1
version/ivanti connect secure/9.1-r14
version/ivanti connect secure/9.1-r15
version/ivanti connect secure/9.1-r15.2
version/ivanti connect secure/9.1-r16
version/ivanti connect secure/9.1-r16.1
version/ivanti connect secure/9.1-r17
version/ivanti connect secure/9.1-r17.1
version/ivanti connect secure/9.1-r18
version/ivanti connect secure/9.1-r18.1
version/ivanti connect secure/9.1-r18.2
version/ivanti connect secure/9.1-r2
version/ivanti connect secure/9.1-r3
version/ivanti connect secure/9.1-r4
version/ivanti connect secure/9.1-r4.1
version/ivanti connect secure/9.1-r4.2
version/ivanti connect secure/9.1-r4.3
version/ivanti connect secure/9.1-r5
version/ivanti connect secure/9.1-r6
version/ivanti connect secure/9.1-r7
version/ivanti connect secure/9.1-r8
version/ivanti connect secure/9.1-r8.1
version/ivanti connect secure/9.1-r8.2
version/ivanti connect secure/9.1-r9
version/ivanti connect secure/9.1-r9.1
version/ivanti connect secure/21.9-r1
version/ivanti connect secure/21.12-r1
version/ivanti connect secure/22.1-r1
version/ivanti connect secure/22.1-r6
version/ivanti connect secure/22.2
version/ivanti connect secure/22.2-r1
version/ivanti connect secure/22.3-r1
version/ivanti connect secure/22.4-r1
version/ivanti connect secure/22.4-r2.1
version/ivanti connect secure/22.6
version/ivanti connect secure/22.6-r1
version/ivanti connect secure/22.6-r2
version/ivanti connect secure/22.6-r2.1
canonical/ivanti neurons for zero-trust access
canonical/ivanti policy secure
version/ivanti policy secure/9.0
version/ivanti policy secure/9.0-r1
version/ivanti policy secure/9.0-r2
version/ivanti policy secure/9.0-r2.1
version/ivanti policy secure/9.0-r3
version/ivanti policy secure/9.0-r3.1
version/ivanti policy secure/9.0-r4
version/ivanti policy secure/9.1
version/ivanti policy secure/9.1-r1
version/ivanti policy secure/9.1-r10
version/ivanti policy secure/9.1-r11
version/ivanti policy secure/9.1-r12
version/ivanti policy secure/9.1-r13
version/ivanti policy secure/9.1-r13.1
version/ivanti policy secure/9.1-r14
version/ivanti policy secure/9.1-r15
version/ivanti policy secure/9.1-r16
version/ivanti policy secure/9.1-r17
version/ivanti policy secure/9.1-r18
version/ivanti policy secure/9.1-r18.1
version/ivanti policy secure/9.1-r18.2
version/ivanti policy secure/9.1-r2
version/ivanti policy secure/9.1-r3
version/ivanti policy secure/9.1-r3.1
version/ivanti policy secure/9.1-r4
version/ivanti policy secure/9.1-r4.1
version/ivanti policy secure/9.1-r4.2
version/ivanti policy secure/9.1-r4.3
version/ivanti policy secure/9.1-r5
version/ivanti policy secure/9.1-r6
version/ivanti policy secure/9.1-r7
version/ivanti policy secure/9.1-r8
version/ivanti policy secure/9.1-r8.1
version/ivanti policy secure/9.1-r8.2
version/ivanti policy secure/9.1-r9
version/ivanti policy secure/22.1-r1
version/ivanti policy secure/22.1-r6
version/ivanti policy secure/22.2-r1
version/ivanti policy secure/22.2-r3
version/ivanti policy secure/22.3-r1
version/ivanti policy secure/22.3-r3
version/ivanti policy secure/22.4-r1
version/ivanti policy secure/22.4-r2
version/ivanti policy secure/22.4-r2.1
version/ivanti policy secure/22.5-r1
version/ivanti policy secure/22.6-r1
canonical/ivanti connect secure, policy secure, and neurons

CVE-2024-21893: Ivanti Connect Secure, Policy Secure, and Neurons Server-Side Request Forgery (SSRF) Vulnerability

Remedy

Never miss a vulnerability like this again

Reference Links

Peer vulnerabilities

Company

Resources

Contact