CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-22052

A null pointer dereference vulnerability in IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack

Exploit prediction scoring system (EPSS) score

EPSS Score 0.028

EPSS Ranking 85.6%

CVSS Severity

CVSS v3 Score 7.5

References

Products affected by CVE-2024-22052

Ivanti » Connect Secure » Version: 22.1

cpe:2.3:a:ivanti:connect_secure:22.1
Ivanti » Connect Secure » Version: 22.2

cpe:2.3:a:ivanti:connect_secure:22.2
Ivanti » Connect Secure » Version: 22.3

cpe:2.3:a:ivanti:connect_secure:22.3
Ivanti » Connect Secure » Version: 22.4

cpe:2.3:a:ivanti:connect_secure:22.4
Ivanti » Connect Secure » Version: 22.5

cpe:2.3:a:ivanti:connect_secure:22.5
Ivanti » Connect Secure » Version: 22.6

cpe:2.3:a:ivanti:connect_secure:22.6
Ivanti » Connect Secure » Version: 9.1

cpe:2.3:a:ivanti:connect_secure:9.1
Ivanti » Policy Secure » Version: 22.1

cpe:2.3:a:ivanti:policy_secure:22.1
Ivanti » Policy Secure » Version: 22.2

cpe:2.3:a:ivanti:policy_secure:22.2
Ivanti » Policy Secure » Version: 22.3

cpe:2.3:a:ivanti:policy_secure:22.3
Ivanti » Policy Secure » Version: 22.4

cpe:2.3:a:ivanti:policy_secure:22.4
Ivanti » Policy Secure » Version: 22.5

cpe:2.3:a:ivanti:policy_secure:22.5
Ivanti » Policy Secure » Version: 22.6

cpe:2.3:a:ivanti:policy_secure:22.6
Ivanti » Policy Secure » Version: 9.0

cpe:2.3:a:ivanti:policy_secure:9.0
Ivanti » Policy Secure » Version: 9.1

cpe:2.3:a:ivanti:policy_secure:9.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-22052

Products

Pricing

Contact Us