vulnerability
Ivanti Pulse Connect Secure: Security Advisory Ivanti Connect Secure and Policy Secure (CVE-2024-37404)
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
8 | (AV:N/AC:L/Au:M/C:C/I:C/A:C) | Oct 18, 2024 | Oct 18, 2024 | Feb 12, 2025 |
Severity
8
CVSS
(AV:N/AC:L/Au:M/C:C/I:C/A:C)
Published
Oct 18, 2024
Added
Oct 18, 2024
Modified
Feb 12, 2025
Description
Improper Input Validation in the admin portal of Ivanti Connect Secure before 22.7R2.1 and 9.1R18.9, or Ivanti Policy Secure before 22.7R1.1 allows a remote authenticated attacker to achieve remote code execution.
Solution(s)
pulse-secure-pulse-connect-secure-upgrade-22_7r2_1pulse-secure-pulse-connect-secure-upgrade-9_1r18_9

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.