Statements (20)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
gptkb:CVE_Identifier
|
| gptkbp:affects |
gptkb:Ivanti_Connect_Secure
gptkb:Ivanti_Policy_Secure |
| gptkbp:describes |
An authentication bypass vulnerability in the SAML component of Ivanti Connect Secure and Ivanti Policy Secure.
|
| gptkbp:hasAttackVector |
gptkb:network_protocol
|
| gptkbp:hasAuthenticationRequired |
None
|
| gptkbp:hasCVSSScore |
8.2
|
| gptkbp:hasCWE |
gptkb:CWE-287
|
| gptkbp:hasExploitStatus |
Exploited in the wild
|
| gptkbp:hasPatchAvailable |
Yes
|
| gptkbp:hasSeverity |
High
|
| gptkbp:influencedBy |
Allows unauthenticated remote attackers to bypass authentication controls
|
| gptkbp:mainVendors |
gptkb:Ivanti
|
| gptkbp:publicDisclosure |
2024-01-31
|
| gptkbp:referencedIn |
https://nvd.nist.gov/vuln/detail/CVE-2024-21893
https://www.ivanti.com/blog/ivanti-releases-security-update-for-connect-secure-and-policy-secure-gateways |
| gptkbp:vulnerableTo |
gptkb:Authentication_Bypass
|
| gptkbp:bfsParent |
gptkb:Pulse_Connect_Secure
|
| gptkbp:bfsLayer |
7
|
| https://www.w3.org/2000/01/rdf-schema#label |
CVE-2024-21893
|