CVE-2024-22024: XEE
First published: Tue Feb 13 2024(Updated: )
An XML external entity or XXE vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x), Ivanti Policy Secure (9.x, 22.x) and ZTA gateways which allows an attacker to access certain restricted resources without authentication.
Credit: support@hackerone.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ivanti Pulse Connect Secure | =9.1-r14.4 | |
| Ivanti Pulse Connect Secure | =9.1-r17.2 | |
| Ivanti Pulse Connect Secure | =9.1-r18.3 | |
| Ivanti Pulse Connect Secure | =22.4-r2.2 | |
| Ivanti Pulse Connect Secure | =22.5-r1.1 | |
| Ivanti Pulse Connect Secure | =22.5-r2.2 | |
| Ivanti Connect Secure | =22.5-r1.1 | |
| Ivanti ZTA gateways | =22.6-r1.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.bleepingcomputer.com/news/security/ivanti-patch-new-connect-secure-auth-bypass-bug-immediately/
- https://www.theregister.com/2024/02/09/ivanti_discloses_fifth_ics_vulnerability/
- https://www.bleepingcomputer.com/news/security/over-13-000-ivanti-gateways-vulnerable-to-actively-exploited-bugs/
- https://www.bleepingcomputer.com/news/security/cisa-warns-against-using-hacked-ivanti-devices-even-after-factory-resets/
- https://www.bleepingcomputer.com/news/security/cisa-cautions-against-using-hacked-ivanti-vpn-gateways-even-after-factory-resets/
- https://www.bleepingcomputer.com/news/security/ivanti-fixes-critical-standalone-sentry-bug-reported-by-nato/
- https://www.bleepingcomputer.com/news/security/ivanti-fixes-vpn-gateway-vulnerability-allowing-rce-dos-attacks/
- https://www.bleepingcomputer.com/news/security/new-ivanti-rce-flaw-may-impact-16-000-exposed-vpn-gateways/
- https://forums.ivanti.com/s/article/CVE-2024-22024-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US
- https://www.bleepingcomputer.com/news/security/ivanti-warns-of-critical-vtm-auth-bypass-with-public-exploit/
Peer vulnerabilities
(Found alongside the following vulnerabilities)
Frequently Asked Questions
What is the severity of CVE-2024-22024?
CVE-2024-22024 is considered a high-severity vulnerability due to its potential for unauthorized access to restricted resources.
How do I fix CVE-2024-22024?
To fix CVE-2024-22024, update your Ivanti Connect Secure or Policy Secure systems to the latest patched versions provided by Ivanti.
Which Ivanti products are affected by CVE-2024-22024?
CVE-2024-22024 affects Ivanti Connect Secure versions 9.x and 22.x, Ivanti Policy Secure versions 9.x and 22.x, and ZTA gateways.
What type of attack does CVE-2024-22024 facilitate?
CVE-2024-22024 facilitates XML external entity (XXE) attacks, allowing attackers to access sensitive resources without authentication.
Is CVE-2024-22024 actively being exploited?
Yes, CVE-2024-22024 has been reported as actively exploited in the wild, making patching and mitigation urgent.
- collector/bleeping-computer
- source/BleepingComputer
- alias/CVE-2024-22024
- alias/CVE-2023-46805
- alias/CVE-2024-21887
- alias/CVE-2024-21893
- agent/type
- collector/the-register
- source/The Register
- agent/author
- agent/description
- agent/first-publish-date
- alias/CVE-2024-21888
- alias/CVE-2021-22893
- agent/weakness
- agent/severity
- alias/CVE-2023-41724
- alias/CVE-2023-46808
- collector/epss-latest
- source/FIRST
- agent/epss
- alias/CVE-2024-21894
- zeroday/true
- agent/news-ai
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- alias/CVE-2024-7593
- alias/CVE-2024-7569
- agent/references
- agent/event
- agent/trending
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/ivanti
- canonical/ivanti pulse connect secure
- version/ivanti pulse connect secure/9.1-r14.4
- version/ivanti pulse connect secure/9.1-r17.2
- version/ivanti pulse connect secure/9.1-r18.3
- version/ivanti pulse connect secure/22.4-r2.2
- version/ivanti pulse connect secure/22.5-r1.1
- version/ivanti pulse connect secure/22.5-r2.2
- canonical/ivanti connect secure
- version/ivanti connect secure/22.5-r1.1
- canonical/ivanti zta gateways
- version/ivanti zta gateways/22.6-r1.3