CVE-2024-9420
12.11.2024, 16:15
A use-after-free in Ivanti Connect Secure before version 22.7R2.3 and 9.1R18.9 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker to achieve remote code executionEnginsight
| Vendor | Product | Version |
|---|---|---|
| ivanti | connect_secure | 𝑥 < 9.1 |
| ivanti | connect_secure | 21.9 ≤ 𝑥 < 22.7 |
| ivanti | connect_secure | 9.1 |
| ivanti | connect_secure | 9.1:r1 |
| ivanti | connect_secure | 9.1:r1.0 |
| ivanti | connect_secure | 9.1:r10 |
| ivanti | connect_secure | 9.1:r10.0 |
| ivanti | connect_secure | 9.1:r10.2 |
| ivanti | connect_secure | 9.1:r11 |
| ivanti | connect_secure | 9.1:r11.0 |
| ivanti | connect_secure | 9.1:r11.1 |
| ivanti | connect_secure | 9.1:r11.3 |
| ivanti | connect_secure | 9.1:r11.4 |
| ivanti | connect_secure | 9.1:r11.5 |
| ivanti | connect_secure | 9.1:r12 |
| ivanti | connect_secure | 9.1:r12.1 |
| ivanti | connect_secure | 9.1:r12.2 |
| ivanti | connect_secure | 9.1:r13 |
| ivanti | connect_secure | 9.1:r13.1 |
| ivanti | connect_secure | 9.1:r14 |
| ivanti | connect_secure | 9.1:r14.4 |
| ivanti | connect_secure | 9.1:r15 |
| ivanti | connect_secure | 9.1:r15.2 |
| ivanti | connect_secure | 9.1:r16 |
| ivanti | connect_secure | 9.1:r16.1 |
| ivanti | connect_secure | 9.1:r17 |
| ivanti | connect_secure | 9.1:r17.1 |
| ivanti | connect_secure | 9.1:r17.2 |
| ivanti | connect_secure | 9.1:r18 |
| ivanti | connect_secure | 9.1:r18.1 |
| ivanti | connect_secure | 9.1:r18.2 |
| ivanti | connect_secure | 9.1:r18.3 |
| ivanti | connect_secure | 9.1:r18.7 |
| ivanti | connect_secure | 9.1:r18.8 |
| ivanti | connect_secure | 9.1:r2 |
| ivanti | connect_secure | 9.1:r2.0 |
| ivanti | connect_secure | 9.1:r3 |
| ivanti | connect_secure | 9.1:r3.0 |
| ivanti | connect_secure | 9.1:r4 |
| ivanti | connect_secure | 9.1:r4.0 |
| ivanti | connect_secure | 9.1:r4.1 |
| ivanti | connect_secure | 9.1:r4.2 |
| ivanti | connect_secure | 9.1:r4.3 |
| ivanti | connect_secure | 9.1:r5 |
| ivanti | connect_secure | 9.1:r5.0 |
| ivanti | connect_secure | 9.1:r6 |
| ivanti | connect_secure | 9.1:r6.0 |
| ivanti | connect_secure | 9.1:r7 |
| ivanti | connect_secure | 9.1:r7.0 |
| ivanti | connect_secure | 9.1:r8 |
| ivanti | connect_secure | 9.1:r8.0 |
| ivanti | connect_secure | 9.1:r8.1 |
| ivanti | connect_secure | 9.1:r8.2 |
| ivanti | connect_secure | 9.1:r8.4 |
| ivanti | connect_secure | 9.1:r9 |
| ivanti | connect_secure | 9.1:r9.0 |
| ivanti | connect_secure | 9.1:r9.1 |
| ivanti | connect_secure | 9.1:r9.2 |
| ivanti | connect_secure | 22.7 |
| ivanti | connect_secure | 22.7:r1 |
| ivanti | connect_secure | 22.7:r1.1 |
| ivanti | connect_secure | 22.7:r1.2 |
| ivanti | connect_secure | 22.7:r1.3 |
| ivanti | connect_secure | 22.7:r1.4 |
| ivanti | connect_secure | 22.7:r1.5 |
| ivanti | connect_secure | 22.7:r2 |
| ivanti | connect_secure | 22.7:r2.1 |
| ivanti | connect_secure | 22.7:r2.2 |
| ivanti | policy_secure | 𝑥 < 22.7 |
| ivanti | policy_secure | 22.7 |
| ivanti | policy_secure | 22.7:r1 |
| ivanti | policy_secure | 22.7:r1.1 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration