vulnerability

Ivanti Pulse Connect Secure: Security Advisory Ivanti Connect Secure (ICS), Ivanti Policy Secure (IPS), Ivanti Secure Access Client (ISAC) (Multiple CVEs)

Severity
8
CVSS
(AV:N/AC:L/Au:M/C:C/I:C/A:C)
Published
Nov 13, 2024
Added
Nov 14, 2024
Modified
Feb 12, 2025

Description

Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti Policy Secure before version 22.7R1.1 allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Solution(s)

pulse-secure-pulse-connect-secure-upgrade-22_7r2_1pulse-secure-pulse-connect-secure-upgrade-9_1r18_7
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.