CVE-2024-22023

An XML entity expansion (XEE) vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated attacker to send specially crafted XML requests that temporarily exhaust resources, resulting in a limited-time DoS.
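The description gives only the outline of the mechanism. The block below is an added example, not Ivanti's code and not a reproduction against these products (the page does not say which parser or endpoint is involved). It shows the two things a practitioner wants at this point: how a SAML intake layer can refuse the whole document class an XEE payload belongs to (any DOCTYPE or entity declaration, rejected before a single entity is expanded, the same approach defusedxml takes), and how much text a payload of under 2 KB describes, computed without expanding it. All sample documents are constructed here; the entity names follow the well-known "billion laughs" shape; the SAML namespace URIs are the standard OASIS ones.

```python
"""Added example: hardened XML intake for SAML messages (stdlib only)."""
import re
import xml.parsers.expat

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
SAML = "urn:oasis:names:tc:SAML:2.0:assertion"


class UnsafeXML(ValueError):
    """Raised when a document carries a DOCTYPE or an entity declaration."""


def parse_without_dtd(data: bytes) -> tuple[str, int]:
    """Parse with expat, refusing any DOCTYPE or entity declaration.

    Returns (root element name, element count). Both handlers fire before any
    entity text is expanded, so an XEE document costs only its first bytes.
    """
    parser = xml.parsers.expat.ParserCreate()
    names: list[str] = []

    def forbid_doctype(name, sysid, pubid, has_internal_subset):
        raise UnsafeXML(f"DOCTYPE {name!r} rejected: SAML messages never need a DTD")

    def forbid_entity(name, *_):
        raise UnsafeXML(f"entity declaration {name!r} rejected")

    parser.StartDoctypeDeclHandler = forbid_doctype
    parser.EntityDeclHandler = forbid_entity
    parser.StartElementHandler = lambda name, attrs: names.append(name)
    parser.Parse(data, True)
    return names[0], len(names)


def is_rejected(data: bytes) -> bool:
    """True if the hardened parser refuses the document."""
    try:
        parse_without_dtd(data)
    except UnsafeXML:
        return True
    return False


# Only internal general entities with literal values are modelled; parameter
# and SYSTEM entities are a separate (XXE) concern and are not parsed here.
_DOCTYPE_SUBSET = re.compile(rb"<!DOCTYPE[^\[>]*\[(.*?)\]\s*>", re.DOTALL)
_ENTITY_DECL = re.compile(r'<!ENTITY\s+([\w.:-]+)\s+"([^"]*)"\s*>')
_ENTITY_REF = re.compile(r"&([\w.:-]+);")


def entity_expansion_sizes(data: bytes) -> dict[str, int]:
    """Expanded length of each internal entity, computed without expanding it.

    This is the quantity an XEE payload abuses: kilobytes of declarations
    describe gigabytes of text. Recursive entities (illegal XML, but seen in
    payloads) raise UnsafeXML instead of looping.
    """
    match = _DOCTYPE_SUBSET.search(data)
    if not match:
        return {}
    decls = dict(_ENTITY_DECL.findall(match.group(1).decode("utf-8", "replace")))
    memo: dict[str, int] = {}

    def size(name: str, stack: tuple[str, ...]) -> int:
        if name in memo:
            return memo[name]
        if name in stack:
            raise UnsafeXML(f"recursive entity {name!r}")
        value = decls[name]
        total, last = 0, 0
        for ref in _ENTITY_REF.finditer(value):
            total += ref.start() - last
            inner = ref.group(1)
            # Predefined/unknown references are counted at their literal width
            # (an upper bound); declared ones recurse.
            total += size(inner, stack + (name,)) if inner in decls else len(ref.group(0))
            last = ref.end()
        total += len(value) - last
        memo[name] = total
        return total

    return {name: size(name, ()) for name in decls}


def billion_laughs(depth: int = 9, fanout: int = 10) -> bytes:
    """Constructed XEE payload wrapped in a SAML-shaped envelope (sample input)."""
    decls = ['<!ENTITY lol "lol">']
    for i in range(1, depth + 1):
        prev = "lol" if i == 1 else f"lol{i - 1}"
        refs = f"&{prev};" * fanout
        decls.append(f'<!ENTITY lol{i} "{refs}">')
    body = "\n".join(decls)
    doc = (
        '<?xml version="1.0"?>\n'
        f"<!DOCTYPE samlp:AuthnRequest [\n{body}\n]>\n"
        f'<samlp:AuthnRequest xmlns:samlp="{SAMLP}" xmlns:saml="{SAML}" ID="_xee" Version="2.0">\n'
        f"  <saml:Issuer>&lol{depth};</saml:Issuer>\n"
        "</samlp:AuthnRequest>\n"
    )
    return doc.encode()


# Constructed benign request: what a legitimate SP sends, and what must still parse.
SAFE_SAML = (
    '<?xml version="1.0" encoding="UTF-8"?>\n'
    f'<samlp:AuthnRequest xmlns:samlp="{SAMLP}" xmlns:saml="{SAML}"\n'
    '    ID="_example" Version="2.0" IssueInstant="2024-01-01T00:00:00Z">\n'
    "  <saml:Issuer>https://sp.example.test/metadata</saml:Issuer>\n"
    "</samlp:AuthnRequest>\n"
).encode()
BILLION_LAUGHS = billion_laughs()

if __name__ == "__main__":
    print(parse_without_dtd(SAFE_SAML), is_rejected(BILLION_LAUGHS))
    print(len(BILLION_LAUGHS), "bytes describe", entity_expansion_sizes(BILLION_LAUGHS)["lol9"], "chars")
```

Rejecting DTDs outright is the right policy for SAML: the protocol never requires one, so the check loses nothing and removes both XEE and XXE in one step. The sizing function is for triage and detection tuning, for example deciding whether a captured request was a probe or a working payload, and is not itself a defence.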
Provider  | Type | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector
NIST      | NIST | 5.3 MEDIUM | NETWORK     | LOW             | NONE           | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
hackerone | CNA  | 5.3 MEDIUM | NETWORK     | LOW             | NONE           | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CISA-ADP  | ADP  | ---        | ---         | ---             | ---            | ---
CVE       | ADP  | ---        | ---         | ---             | ---            | ---

EPSS percentile: 62%
Vulnerable software versions

Vendor | Product        | Versions
ivanti | connect_secure | 9.1:r1, 9.1:r2, 9.1:r3, 9.1:r4, 9.1:r4.1, 9.1:r4.2, 9.1:r4.3, 9.1:r5, 9.1:r6, 9.1:r7, 9.1:r8, 9.1:r9, 9.1:r10, 9.1:r11, 9.1:r11.5, 9.1:r12, 9.1:r13, 9.1:r14, 9.1:r15, 9.1:r16, 9.1:r17, 9.1:r18, 22.1, 22.2, 22.3, 22.4, 22.5, 22.6
ivanti | policy_secure  | 9.0, 9.0:r1, 9.0:r2, 9.0:r2.1, 9.0:r3, 9.0:r3.1, 9.0:r4, 9.1, 9.1:r1, 9.1:r2, 9.1:r3, 9.1:r4, 9.1:r5, 9.1:r6, 9.1:r7, 9.1:r8, 9.1:r9, 9.1:r10, 9.1:r11, 9.1:r12, 9.1:r13, 9.1:r14, 9.1:r15, 9.1:r16, 9.1:r17, 9.1:r18, 22.1, 22.2, 22.3, 22.4, 22.5, 22.6