CVE-2024-21893

GPTKB entity

Statements (20)
Predicate Object
gptkbp:instanceOf CVE Identifier
gptkbp:affects gptkb:Ivanti_Connect_Secure
gptkb:Ivanti_Policy_Secure
gptkbp:describes An authentication bypass vulnerability in the SAML component of Ivanti Connect Secure and Ivanti Policy Secure.
gptkbp:hasAttackVector gptkb:network_protocol
gptkbp:hasAuthenticationRequired nan
gptkbp:hasCVSSScore 8.2
gptkbp:hasCWE gptkb:CWE-287
gptkbp:hasExploitStatus Exploited in the wild
gptkbp:hasPatchAvailable Yes
gptkbp:hasSeverity High
https://www.w3.org/2000/01/rdf-schema#label CVE-2024-21893
gptkbp:influencedBy Allows unauthenticated remote attackers to bypass authentication controls
gptkbp:mainVendors gptkb:Ivanti
gptkbp:publicDisclosure 2024-01-31
gptkbp:referencedIn https://nvd.nist.gov/vuln/detail/CVE-2024-21893
https://www.ivanti.com/blog/ivanti-releases-security-update-for-connect-secure-and-policy-secure-gateways
gptkbp:vulnerableTo gptkb:Authentication_Bypass
gptkbp:bfsParent gptkb:Pulse_Connect_Secure
gptkbp:bfsLayer 7