What is the severity of CVE-2024-22023?

CVE-2024-22023 has a severity rating that indicates a potential for temporary resource exhaustion and a limited Denial of Service (DoS) for affected systems.

How do I fix CVE-2024-22023?

To address CVE-2024-22023, it is recommended that users apply the latest security patches provided by Ivanti for affected versions of Connect Secure and Policy Secure.

Which versions of Ivanti software are affected by CVE-2024-22023?

CVE-2024-22023 affects Ivanti Connect Secure versions 9.x and 22.x, as well as Ivanti Policy Secure versions 9.x and 22.x.

Can CVE-2024-22023 be exploited remotely?

Yes, an unauthenticated attacker can exploit CVE-2024-22023 remotely by sending specially crafted XML requests.

What type of attack is CVE-2024-22023 associated with?

CVE-2024-22023 is associated with XML Entity Expansion (XEE) attacks that can lead to resource exhaustion.

Vulnerability/
CVE-2024-22023

medium

5.3

CWE

611 476 703

4/4/2024

3/10/2024

CVE-2024-22023: XEE

First published: Thu Apr 04 2024(Updated: )

An XML entity expansion or XEE vulnerability in SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated attacker to send specially crafted XML requests in-order-to temporarily cause resource exhaustion thereby resulting in a limited-time DoS.

Credit: support@hackerone.com

Affected Software	Affected Version	How to fix
Ivanti Connect Secure (ICS) VPN	=9.1-r1
Ivanti Connect Secure (ICS) VPN	=9.1-r10
Ivanti Connect Secure (ICS) VPN	=9.1-r11
Ivanti Connect Secure (ICS) VPN	=9.1-r11.5
Ivanti Connect Secure (ICS) VPN	=9.1-r12
Ivanti Connect Secure (ICS) VPN	=9.1-r13
Ivanti Connect Secure (ICS) VPN	=9.1-r14
Ivanti Connect Secure (ICS) VPN	=9.1-r15
Ivanti Connect Secure (ICS) VPN	=9.1-r16
Ivanti Connect Secure (ICS) VPN	=9.1-r17
Ivanti Connect Secure (ICS) VPN	=9.1-r18
Ivanti Connect Secure (ICS) VPN	=9.1-r2
Ivanti Connect Secure (ICS) VPN	=9.1-r3
Ivanti Connect Secure (ICS) VPN	=9.1-r4
Ivanti Connect Secure (ICS) VPN	=9.1-r4.1
Ivanti Connect Secure (ICS) VPN	=9.1-r4.2
Ivanti Connect Secure (ICS) VPN	=9.1-r4.3
Ivanti Connect Secure (ICS) VPN	=9.1-r5
Ivanti Connect Secure (ICS) VPN	=9.1-r6
Ivanti Connect Secure (ICS) VPN	=9.1-r7
Ivanti Connect Secure (ICS) VPN	=9.1-r8
Ivanti Connect Secure (ICS) VPN	=9.1-r9
Ivanti Connect Secure (ICS) VPN	=22.1
Ivanti Connect Secure (ICS) VPN	=22.2
Ivanti Connect Secure (ICS) VPN	=22.3
Ivanti Connect Secure (ICS) VPN	=22.4
Ivanti Connect Secure (ICS) VPN	=22.5
Ivanti Connect Secure (ICS) VPN	=22.6
Pulse Policy Secure	=9.0
Pulse Policy Secure	=9.0-r1
Pulse Policy Secure	=9.0-r2
Pulse Policy Secure	=9.0-r2.1
Pulse Policy Secure	=9.0-r3
Pulse Policy Secure	=9.0-r3.1
Pulse Policy Secure	=9.0-r4
Pulse Policy Secure	=9.1
Pulse Policy Secure	=9.1-r1
Pulse Policy Secure	=9.1-r10
Pulse Policy Secure	=9.1-r11
Pulse Policy Secure	=9.1-r12
Pulse Policy Secure	=9.1-r13
Pulse Policy Secure	=9.1-r14
Pulse Policy Secure	=9.1-r15
Pulse Policy Secure	=9.1-r16
Pulse Policy Secure	=9.1-r17
Pulse Policy Secure	=9.1-r18
Pulse Policy Secure	=9.1-r2
Pulse Policy Secure	=9.1-r3
Pulse Policy Secure	=9.1-r4
Pulse Policy Secure	=9.1-r5
Pulse Policy Secure	=9.1-r6
Pulse Policy Secure	=9.1-r7
Pulse Policy Secure	=9.1-r8
Pulse Policy Secure	=9.1-r9
Pulse Policy Secure	=22.1
Pulse Policy Secure	=22.2
Pulse Policy Secure	=22.3
Pulse Policy Secure	=22.4
Pulse Policy Secure	=22.5
Pulse Policy Secure	=22.6

Never miss a vulnerability like this again

Reference Links

https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US

Frequently Asked Questions

What is the severity of CVE-2024-22023?
CVE-2024-22023 has a severity rating that indicates a potential for temporary resource exhaustion and a limited Denial of Service (DoS) for affected systems.
How do I fix CVE-2024-22023?
To address CVE-2024-22023, it is recommended that users apply the latest security patches provided by Ivanti for affected versions of Connect Secure and Policy Secure.
Which versions of Ivanti software are affected by CVE-2024-22023?
CVE-2024-22023 affects Ivanti Connect Secure versions 9.x and 22.x, as well as Ivanti Policy Secure versions 9.x and 22.x.
Can CVE-2024-22023 be exploited remotely?
Yes, an unauthenticated attacker can exploit CVE-2024-22023 remotely by sending specially crafted XML requests.
What type of attack is CVE-2024-22023 associated with?
CVE-2024-22023 is associated with XML Entity Expansion (XEE) attacks that can lead to resource exhaustion.

agent/references
agent/description
agent/type
agent/first-publish-date
agent/event
agent/author
agent/severity
collector/mitre-cve
source/MITRE
agent/weakness
agent/last-modified-date
agent/source
agent/softwarecombine
agent/tags
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/ivanti
canonical/ivanti connect secure (ics) vpn
version/ivanti connect secure (ics) vpn/9.1-r1
version/ivanti connect secure (ics) vpn/9.1-r10
version/ivanti connect secure (ics) vpn/9.1-r11
version/ivanti connect secure (ics) vpn/9.1-r11.5
version/ivanti connect secure (ics) vpn/9.1-r12
version/ivanti connect secure (ics) vpn/9.1-r13
version/ivanti connect secure (ics) vpn/9.1-r14
version/ivanti connect secure (ics) vpn/9.1-r15
version/ivanti connect secure (ics) vpn/9.1-r16
version/ivanti connect secure (ics) vpn/9.1-r17
version/ivanti connect secure (ics) vpn/9.1-r18
version/ivanti connect secure (ics) vpn/9.1-r2
version/ivanti connect secure (ics) vpn/9.1-r3
version/ivanti connect secure (ics) vpn/9.1-r4
version/ivanti connect secure (ics) vpn/9.1-r4.1
version/ivanti connect secure (ics) vpn/9.1-r4.2
version/ivanti connect secure (ics) vpn/9.1-r4.3
version/ivanti connect secure (ics) vpn/9.1-r5
version/ivanti connect secure (ics) vpn/9.1-r6
version/ivanti connect secure (ics) vpn/9.1-r7
version/ivanti connect secure (ics) vpn/9.1-r8
version/ivanti connect secure (ics) vpn/9.1-r9
version/ivanti connect secure (ics) vpn/22.1
version/ivanti connect secure (ics) vpn/22.2
version/ivanti connect secure (ics) vpn/22.3
version/ivanti connect secure (ics) vpn/22.4
version/ivanti connect secure (ics) vpn/22.5
version/ivanti connect secure (ics) vpn/22.6
canonical/pulse policy secure
version/pulse policy secure/9.0
version/pulse policy secure/9.0-r1
version/pulse policy secure/9.0-r2
version/pulse policy secure/9.0-r2.1
version/pulse policy secure/9.0-r3
version/pulse policy secure/9.0-r3.1
version/pulse policy secure/9.0-r4
version/pulse policy secure/9.1
version/pulse policy secure/9.1-r1
version/pulse policy secure/9.1-r10
version/pulse policy secure/9.1-r11
version/pulse policy secure/9.1-r12
version/pulse policy secure/9.1-r13
version/pulse policy secure/9.1-r14
version/pulse policy secure/9.1-r15
version/pulse policy secure/9.1-r16
version/pulse policy secure/9.1-r17
version/pulse policy secure/9.1-r18
version/pulse policy secure/9.1-r2
version/pulse policy secure/9.1-r3
version/pulse policy secure/9.1-r4
version/pulse policy secure/9.1-r5
version/pulse policy secure/9.1-r6
version/pulse policy secure/9.1-r7
version/pulse policy secure/9.1-r8
version/pulse policy secure/9.1-r9
version/pulse policy secure/22.1
version/pulse policy secure/22.2
version/pulse policy secure/22.3
version/pulse policy secure/22.4
version/pulse policy secure/22.5
version/pulse policy secure/22.6