Vulnerability Details CVE-2024-21888
A privilege escalation vulnerability in web component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows a user to elevate privileges to that of an administrator.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.612
EPSS Ranking 98.2%
CVSS Severity
CVSS v3 Score 8.8
References
Products affected by CVE-2024-21888
-
cpe:2.3:a:ivanti:connect_secure:21.12
-
cpe:2.3:a:ivanti:connect_secure:21.9
-
cpe:2.3:a:ivanti:connect_secure:22.1
-
cpe:2.3:a:ivanti:connect_secure:22.2
-
cpe:2.3:a:ivanti:connect_secure:22.3
-
cpe:2.3:a:ivanti:connect_secure:22.4
-
cpe:2.3:a:ivanti:connect_secure:22.6
-
cpe:2.3:a:ivanti:connect_secure:9.0
-
cpe:2.3:a:ivanti:connect_secure:9.1
-
cpe:2.3:a:ivanti:policy_secure:22.1
-
cpe:2.3:a:ivanti:policy_secure:22.2
-
cpe:2.3:a:ivanti:policy_secure:22.3
-
cpe:2.3:a:ivanti:policy_secure:22.4
-
cpe:2.3:a:ivanti:policy_secure:22.5
-
cpe:2.3:a:ivanti:policy_secure:22.6
-
cpe:2.3:a:ivanti:policy_secure:9.0
-
cpe:2.3:a:ivanti:policy_secure:9.1