Описание
A vulnerability exists on all versions of Ivanti Connect Secure below 22.6R2 where an attacker with a foothold on an Ivanti Connect Secure (ICS) appliance can escalate their privileges by exploiting a vulnerable installed application. This vulnerability allows the attacker to gain elevated execution privileges on the affected system.
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:ivanti:connect_secure:22.1:r1:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:22.1:r6:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:22.2:-:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:22.2:r1:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:22.3:r1:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:22.4:r1:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:22.4:r2.1:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:22.4:r2.2:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:22.5:r1.1:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:22.5:r2.1:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:a:ivanti:connect_secure:22.6:-:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:22.6:r1:*:*:*:*:*:*
EPSS
Процентиль: 32%
0.00125
Низкий
7 High
CVSS3
7.8 High
CVSS3
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 7
github
около 2 лет назад
A vulnerability exists on all versions of Ivanti Connect Secure below 22.6R2 where an attacker with a foothold on an Ivanti Connect Secure (ICS) appliance can escalate their privileges by exploiting a vulnerable installed application. This vulnerability allows the attacker to gain elevated execution privileges on the affected system.
EPSS
Процентиль: 32%
0.00125
Низкий
7 High
CVSS3
7.8 High
CVSS3
Дефекты
NVD-CWE-noinfo