Home

CVE-2024-47909

Description

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to cause a denial of service.

Risk Information

Base Score
4.9
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
1.618

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are affected in Ivanti Connect Secure 22.6Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 22.7Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 22.7.r1Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 22.7.r1.1Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 22.7.r1.2Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 22.7.r1.3Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 22.7.r1.4Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 22.7.r1.5Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 22.7.r2Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 22.7.r2.1Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 22.7.r2.2Windows

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234