CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-22053

A heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack or in certain conditions read contents from memory.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.038

EPSS Ranking 87.6%

CVSS Severity

CVSS v3 Score 8.2

References

Products affected by CVE-2024-22053

Ivanti » Connect Secure » Version: 22.1

cpe:2.3:a:ivanti:connect_secure:22.1
Ivanti » Connect Secure » Version: 22.2

cpe:2.3:a:ivanti:connect_secure:22.2
Ivanti » Connect Secure » Version: 22.3

cpe:2.3:a:ivanti:connect_secure:22.3
Ivanti » Connect Secure » Version: 22.4

cpe:2.3:a:ivanti:connect_secure:22.4
Ivanti » Connect Secure » Version: 22.5

cpe:2.3:a:ivanti:connect_secure:22.5
Ivanti » Connect Secure » Version: 22.6

cpe:2.3:a:ivanti:connect_secure:22.6
Ivanti » Connect Secure » Version: 9.1

cpe:2.3:a:ivanti:connect_secure:9.1
Ivanti » Policy Secure » Version: 22.1

cpe:2.3:a:ivanti:policy_secure:22.1
Ivanti » Policy Secure » Version: 22.2

cpe:2.3:a:ivanti:policy_secure:22.2
Ivanti » Policy Secure » Version: 22.3

cpe:2.3:a:ivanti:policy_secure:22.3
Ivanti » Policy Secure » Version: 22.4

cpe:2.3:a:ivanti:policy_secure:22.4
Ivanti » Policy Secure » Version: 22.5

cpe:2.3:a:ivanti:policy_secure:22.5
Ivanti » Policy Secure » Version: 22.6

cpe:2.3:a:ivanti:policy_secure:22.6
Ivanti » Policy Secure » Version: 9.0

cpe:2.3:a:ivanti:policy_secure:9.0
Ivanti » Policy Secure » Version: 9.1

cpe:2.3:a:ivanti:policy_secure:9.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-22053

Products

Pricing

Contact Us