vulnerability

Ivanti Pulse Connect Secure: Security Advisory Ivanti Connect Secure and Policy Secure (CVE-2024-37404)

Severity
8
CVSS
(AV:N/AC:L/Au:M/C:C/I:C/A:C)
Published
Oct 18, 2024
Added
Oct 18, 2024
Modified
Feb 12, 2025

Description

Improper Input Validation in the admin portal of Ivanti Connect Secure before 22.7R2.1 and 9.1R18.9, or Ivanti Policy Secure before 22.7R1.1 allows a remote authenticated attacker to achieve remote code execution.

Solution(s)

pulse-secure-pulse-connect-secure-upgrade-22_7r2_1pulse-secure-pulse-connect-secure-upgrade-9_1r18_9
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.