Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-8539

Summary
Assigner-ivanti
Assigner Org ID-3c1d8aa1-5a33-4ea4-8992-aadd6440af75
Published At-12 Nov, 2024 | 16:11
Updated At-12 Nov, 2024 | 18:26
Rejected At-
Credits

Improper authorization in Ivanti Secure Access Client before version 22.7R3 allows a local authenticated attacker to modify sensitive configuration files.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:ivanti
Assigner Org ID:3c1d8aa1-5a33-4ea4-8992-aadd6440af75
Published At:12 Nov, 2024 | 16:11
Updated At:12 Nov, 2024 | 18:26
Rejected At:
▼CVE Numbering Authority (CNA)

Improper authorization in Ivanti Secure Access Client before version 22.7R3 allows a local authenticated attacker to modify sensitive configuration files.

Affected Products
Vendor
Ivanti SoftwareIvanti
Product
Secure Access Client
Default Status
affected
Versions
Unaffected
  • 22.7R3 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-267CWE-267: Privilege Defined With Unsafe Actions
Type: CWE
CWE ID: CWE-267
Description: CWE-267: Privilege Defined With Unsafe Actions
Metrics
VersionBase scoreBase severityVector
3.17.1HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Version: 3.1
Base score: 7.1
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-176CAPEC-176 Configuration/Environment Manipulation
CAPEC ID: CAPEC-176
Description: CAPEC-176 Configuration/Environment Manipulation
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs
N/A
Hyperlink: https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Vendor
Ivanti Softwareivanti
Product
secure_access_client
CPEs
  • cpe:2.3:a:ivanti:secure_access_client:*:*:*:*:*:*:*:*
Default Status
unaffected
Versions
Affected
  • 22.7R3
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:3c1d8aa1-5a33-4ea4-8992-aadd6440af75
Published At:12 Nov, 2024 | 17:15
Updated At:17 Jan, 2025 | 20:02

Improper authorization in Ivanti Secure Access Client before version 22.7R3 allows a local authenticated attacker to modify sensitive configuration files.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.17.1HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Primary3.17.1HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 7.1
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Type: Primary
Version: 3.1
Base score: 7.1
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
CPE Matches
Ivanti Software
ivanti
>>secure_access_client>>Versions before 22.7(exclusive)
cpe:2.3:a:ivanti:secure_access_client:*:*:*:*:*:*:*:*
Ivanti Software
ivanti
>>secure_access_client>>22.7
cpe:2.3:a:ivanti:secure_access_client:22.7:-:*:*:*:*:*:*
Ivanti Software
ivanti
>>secure_access_client>>22.7
cpe:2.3:a:ivanti:secure_access_client:22.7:r1:*:*:*:*:*:*
Ivanti Software
ivanti
>>secure_access_client>>22.7
cpe:2.3:a:ivanti:secure_access_client:22.7:r1.1:*:*:*:*:*:*
Ivanti Software
ivanti
>>secure_access_client>>22.7
cpe:2.3:a:ivanti:secure_access_client:22.7:r2:*:*:*:*:*:*
Apple Inc.
apple
>>macos>>-
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>-
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
Microsoft Corporation
microsoft
>>windows>>-
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-267Secondary3c1d8aa1-5a33-4ea4-8992-aadd6440af75
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: CWE-267
Type: Secondary
Source: 3c1d8aa1-5a33-4ea4-8992-aadd6440af75
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs3c1d8aa1-5a33-4ea4-8992-aadd6440af75
Vendor Advisory
Hyperlink: https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs
Source: 3c1d8aa1-5a33-4ea4-8992-aadd6440af75
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

112Records found
CVE-2023-38402
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.1||HIGH
EPSS-0.14% / 34.47%
||
7 Day CHG~0.00%
Published-15 Aug, 2023 | 18:47
Updated-03 Oct, 2024 | 13:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Arbitrary File Overwrite in HPE Aruba Networking Virtual Intranet Access (VIA) Microsoft Windows Client

A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow malicious users to overwrite arbitrary files as NT AUTHORITY\SYSTEM. A successful exploit could allow these malicious users to create a Denial-of-Service (DoS) condition affecting the Microsoft Windows operating System boot process.

Action-Not Available
Vendor-Microsoft CorporationHP Inc.Hewlett Packard Enterprise (HPE)
Product-aruba_virtual_intranet_accesswindowsHPE Aruba Networking Virtual Intranet Access (VIA)
CVE-2023-36876
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.1||HIGH
EPSS-0.10% / 28.70%
||
7 Day CHG~0.00%
Published-08 Aug, 2023 | 17:08
Updated-01 Jan, 2025 | 01:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Reliability Analysis Metrics Calculation (RacTask) Elevation of Privilege Vulnerability

Reliability Analysis Metrics Calculation (RacTask) Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2008Windows Server 2008 R2 Service Pack 1Windows Server 2008 R2 Service Pack 1 (Server Core installation)
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2023-36046
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.1||HIGH
EPSS-0.21% / 43.44%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 17:57
Updated-29 Apr, 2025 | 23:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Authentication Denial of Service Vulnerability

Windows Authentication Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_11_21h2windows_11_22h2windows_server_2022windows_11_23h2Windows 11 version 21H2Windows 11 version 22H3Windows 11 Version 23H2Windows 11 version 22H2Windows Server 2022, 23H2 Edition (Server Core installation)
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2023-31020
Matching Score-8
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-8
Assigner-NVIDIA Corporation
CVSS Score-6.1||MEDIUM
EPSS-0.02% / 4.09%
||
7 Day CHG~0.00%
Published-02 Nov, 2023 | 18:56
Updated-05 Sep, 2024 | 14:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CVE

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause improper access control, which may lead to denial of service or data tampering.

Action-Not Available
Vendor-NVIDIA CorporationMicrosoft Corporation
Product-windowsvirtual_gpuNVIDIA GPU Display driver, vGPU driver, and Cloud gaming driver
CWE ID-CWE-284
Improper Access Control
CVE-2021-44024
Matching Score-8
Assigner-Trend Micro, Inc.
ShareView Details
Matching Score-8
Assigner-Trend Micro, Inc.
CVSS Score-7.1||HIGH
EPSS-0.06% / 17.26%
||
7 Day CHG~0.00%
Published-08 Jan, 2022 | 15:51
Updated-04 Aug, 2024 | 04:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A link following denial-of-service vulnerability in Trend Micro Apex One (on-prem and SaaS) and Trend Micro Worry-Free Business Security (10.0 SP1 and Services) could allow a local attacker to overwrite arbitrary files in the context of SYSTEM. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Action-Not Available
Vendor-Microsoft CorporationTrend Micro Incorporated
Product-apex_onewindowsworry-free_business_securityworry-free_business_security_servicesTrend Micro Apex OneTrend Micro Worry-Free Business Security
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2021-41057
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.1||HIGH
EPSS-0.17% / 38.29%
||
7 Day CHG~0.00%
Published-14 Nov, 2021 | 20:21
Updated-04 Aug, 2024 | 02:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In WIBU CodeMeter Runtime before 7.30a, creating a crafted CmDongles symbolic link will overwrite the linked file without checking permissions.

Action-Not Available
Vendor-wibun/aSiemens AGMicrosoft Corporation
Product-sicam_230pss_esimatic_pcs_neosimatic_process_historianpss_odmscodemeter_runtimewindowspss_capesimatic_wincc_oasimatic_information_serversimitn/a
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2021-3501
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.1||HIGH
EPSS-0.05% / 13.47%
||
7 Day CHG~0.00%
Published-05 May, 2021 | 22:31
Updated-03 Aug, 2024 | 16:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the Linux kernel in versions before 5.12. The value of internal.ndata, in the KVM API, is mapped to an array index, which can be updated by a user process at anytime which could lead to an out-of-bounds write. The highest threat from this vulnerability is to data integrity and system availability.

Action-Not Available
Vendor-n/aNetApp, Inc.Fedora ProjectLinux Kernel Organization, IncRed Hat, Inc.
Product-h300evirtualizationh500scloud_backupenterprise_linuxvirtualization_hosth300s_firmwareh410c_firmwareh410senterprise_linux_for_real_time_for_nfventerprise_linux_for_real_time_tush300sh300e_firmwarelinux_kernelh500eh410s_firmwarefedorah500s_firmwareh500e_firmwareh700s_firmwareh700eh410ch700e_firmwaresolidfire_baseboard_management_controller_firmwareh700senterprise_linux_for_real_time_for_nfv_tusenterprise_linux_for_real_timekernel
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-1492
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.6||MEDIUM
EPSS-0.05% / 15.59%
||
7 Day CHG~0.00%
Published-25 Mar, 2021 | 14:25
Updated-08 Nov, 2024 | 23:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Duo Authentication Proxy Installer Denial of Service Vulnerability

The Duo Authentication Proxy installer prior to 5.2.1 did not properly validate file installation paths. This allows an attacker with local user privileges to coerce the installer to write to arbitrary privileged directories. If successful, an attacker can manipulate files used by Duo Authentication Proxy installer, cause Denial of Service (DoS) by deleting file(s), or replace system files to potentially achieve elevation of privileges. This is only exploitable during new installations, while the installer is running, and is not exploitable once installation has finished. Versions 5.2.1 of Duo Authentication Proxy installer addresses this issue.

Action-Not Available
Vendor-duoCisco Systems, Inc.Microsoft Corporation
Product-windowsauthentication_proxyDuo Authentication Proxy
CWE ID-CWE-64
Windows Shortcut Following (.LNK)
CVE-2024-9842
Matching Score-6
Assigner-Ivanti
ShareView Details
Matching Score-6
Assigner-Ivanti
CVSS Score-7.3||HIGH
EPSS-0.10% / 28.36%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 16:12
Updated-17 Jan, 2025 | 19:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect permissions in Ivanti Secure Access Client before version 22.7R4 allows a local authenticated attacker to create arbitrary folders.

Action-Not Available
Vendor-Ivanti SoftwareMicrosoft Corporation
Product-windowssecure_access_clientSecure Access Client
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CWE ID-CWE-267
Privilege Defined With Unsafe Actions
CVE-2024-7571
Matching Score-6
Assigner-Ivanti
ShareView Details
Matching Score-6
Assigner-Ivanti
CVSS Score-7.8||HIGH
EPSS-0.13% / 33.40%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 16:14
Updated-17 Jan, 2025 | 19:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect permissions in Ivanti Secure Access Client before 22.7R4 allows a local authenticated attacker to escalate their privileges.

Action-Not Available
Vendor-Ivanti SoftwareMicrosoft Corporation
Product-windowssecure_access_clientSecure Access Clientsecure_access_client
CWE ID-CWE-267
Privilege Defined With Unsafe Actions
CVE-2024-47906
Matching Score-6
Assigner-Ivanti
ShareView Details
Matching Score-6
Assigner-Ivanti
CVSS Score-7.8||HIGH
EPSS-0.11% / 30.56%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 15:59
Updated-17 Jan, 2025 | 20:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Excessive binary privileges in Ivanti Connect Secure before version 22.7R2.3 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1.2 (Not Applicable to 9.1Rx) allows a local authenticated attacker to escalate privileges.

Action-Not Available
Vendor-Ivanti Software
Product-connect_securepolicy_securePolicy SecureConnect Securepolicy_secureconnect_secure
CWE ID-CWE-267
Privilege Defined With Unsafe Actions
CWE ID-CWE-426
Untrusted Search Path
CVE-2023-28049
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-4.7||MEDIUM
EPSS-0.03% / 5.15%
||
7 Day CHG~0.00%
Published-06 Feb, 2024 | 06:43
Updated-22 Aug, 2024 | 18:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Command | Monitor, versions prior to 10.9, contain an arbitrary folder deletion vulnerability. A locally authenticated malicious user may exploit this vulnerability in order to perform a privileged arbitrary file delete.

Action-Not Available
Vendor-Dell Inc.
Product-command_\|_monitorDell Command Monitor (DCM)
CWE ID-CWE-267
Privilege Defined With Unsafe Actions
CWE ID-CWE-269
Improper Privilege Management
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found