Summary
| Detail | |||
|---|---|---|---|
| Vendor | Ivanti | First view | 2019-04-12 |
| Product | Connect Secure | Last view | 2025-07-08 |
| Version | 8.1 | Type | Application |
| Update | r11.0 | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:ivanti:connect_secure | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 5.5 | 2025-07-08 | CVE-2025-5464 | Insertion of sensitive information into a log file in Ivanti Connect Secure before version 22.7R2.8 allows a local authenticated attacker to obtain that information. |
| 0 | 2025-07-08 | CVE-2025-5463 | Insertion of sensitive information into a log file in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a local authenticated attacker to obtain that information. |
| 0 | 2025-07-08 | CVE-2025-5451 | A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a remote authenticated attacker with admin rights to trigger a denial of service. |
| 2.7 | 2025-07-08 | CVE-2025-5450 | Improper access control in the certificate management component of Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a remote authenticated admin with read-only rights to modify settings that should be restricted. |
| 2.7 | 2025-07-08 | CVE-2025-0293 | CLRF injection in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a remote authenticated attacker with admin rights to write to a protected configuration file on disk. |
| 4.9 | 2025-07-08 | CVE-2025-0292 | SSRF in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a remote authenticated attacker with admin rights to access internal network services. |
| 9.8 | 2025-04-03 | CVE-2025-22457 | A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6, Ivanti Policy Secure before version 22.7R1.4, and Ivanti ZTA Gateways before version 22.8R2.2 allows a remote unauthenticated attacker to achieve remote code execution. |
| 4.9 | 2025-02-21 | CVE-2024-38657 | External control of a file name in Ivanti Connect Secure before version 22.7R2.4 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticated attacker with admin privileges to write arbitrary files. |
| 8.8 | 2025-02-11 | CVE-2025-22467 | A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6 allows a remote authenticated attacker to achieve remote code execution. |
| 4.4 | 2025-02-11 | CVE-2024-13843 | Cleartext storage of information in Ivanti Connect Secure before version 22.7R2.6 and Ivanti Policy Secure before version 22.7R1.3 allows a local authenticated attacker with admin privileges to read sensitive data. |
| 4.4 | 2025-02-11 | CVE-2024-13842 | A hardcoded key in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.3 allows a local authenticated attacker with admin privileges to read sensitive data. |
| 6.1 | 2025-02-11 | CVE-2024-13830 | Reflected XSS in Ivanti Connect Secure before version 22.7R2.6 and Ivanti Policy Secure before version 22.7R1.3 allows a remote unauthenticated attacker to obtain admin privileges. User interaction is required. |
| 4.9 | 2025-02-11 | CVE-2024-12058 | External control of a file name in Ivanti Connect Secure before version 22.7R2.6 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticated attacker with admin privileges to read arbitrary files. |
| 7.2 | 2025-02-11 | CVE-2024-10644 | Code injection in Ivanti Connect Secure before version 22.7R2.4 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticated attacker with admin privileges to achieve remote code execution. |
| 7 | 2025-01-08 | CVE-2025-0283 | A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a local authenticated attacker to escalate their privileges. |
| 0 | 2024-12-12 | CVE-2024-37401 | An out-of-bounds read in IPsec of Ivanti Connect Secure before version 22.7R2.1 allows a remote unauthenticated attacker to cause a denial of service. |
| 0 | 2024-12-12 | CVE-2024-37377 | A heap-based buffer overflow in IPsec of Ivanti Connect Secure before version 22.7R2.3 allows a remote unauthenticated attacker to cause a denial of service. |
| 8.8 | 2024-12-10 | CVE-2024-9844 | Insufficient server-side controls in Secure Application Manager of Ivanti Connect Secure before version 22.7R2.4 allows a remote authenticated attacker to bypass restrictions. |
| 7.2 | 2024-12-10 | CVE-2024-11634 | Command injection in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to achieve remote code execution. (Not applicable to 9.1Rx) |
| 7.2 | 2024-12-10 | CVE-2024-11633 | Argument injection in Ivanti Connect Secure before version 22.7R2.4 allows a remote authenticated attacker with admin privileges to achieve remote code execution |
| 0 | 2024-11-13 | CVE-2024-39712 | Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti Policy Secure before version 22.7R1.1 allows a remote authenticated attacker with admin privileges to achieve remote code execution. |
| 0 | 2024-11-13 | CVE-2024-39711 | Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti Policy Secure before version 22.7R1.1 allows a remote authenticated attacker with admin privileges to achieve remote code execution. |
| 0 | 2024-11-13 | CVE-2024-39710 | Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti Policy Secure before version 22.7R1.1 allows a remote authenticated attacker with admin privileges to achieve remote code execution. |
| 0 | 2024-11-13 | CVE-2024-39709 | Incorrect file permissions in Ivanti Connect Secure before version 22.6R2 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1 (Not Applicable to 9.1Rx) allow a local authenticated attacker to escalate their privileges. |
| 0 | 2024-11-13 | CVE-2024-38656 | Argument injection in Ivanti Connect Secure before version 22.7R2.2 and 9.1R18.9 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to achieve remote code execution. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 12% (6) | CWE-787 | Out-of-bounds Write |
| 12% (6) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
| 8% (4) | CWE-78 | Improper Sanitization of Special Elements used in an OS Command ('O... |
| 6% (3) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 6% (3) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
| 4% (2) | CWE-611 | Information Leak Through XML External Entity File Disclosure |
| 4% (2) | CWE-532 | Information Leak Through Log Files |
| 4% (2) | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
| 4% (2) | CWE-121 | Stack-based Buffer Overflow |
| 2% (1) | CWE-682 | Incorrect Calculation |
| 2% (1) | CWE-669 | Incorrect Resource Transfer Between Spheres |
| 2% (1) | CWE-602 | Client-Side Enforcement of Server-Side Security |
| 2% (1) | CWE-476 | NULL Pointer Dereference |
| 2% (1) | CWE-434 | Unrestricted Upload of File with Dangerous Type |
| 2% (1) | CWE-426 | Untrusted Search Path |
| 2% (1) | CWE-416 | Use After Free |
| 2% (1) | CWE-384 | Session Fixation |
| 2% (1) | CWE-321 | Use of Hard-coded Cryptographic Key |
| 2% (1) | CWE-312 | Cleartext Storage of Sensitive Information |
| 2% (1) | CWE-287 | Improper Authentication |
| 2% (1) | CWE-276 | Incorrect Default Permissions |
| 2% (1) | CWE-200 | Information Exposure |
| 2% (1) | CWE-93 | Failure to Sanitize CRLF Sequences ('CRLF Injection') |
| 2% (1) | CWE-88 | Argument Injection or Modification |
| 2% (1) | CWE-77 | Improper Sanitization of Special Elements used in a Command ('Comma... |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2020-10-15 | Pulse Connect Secure SSL VPN command injection attempt RuleID : 55640 - Type : SERVER-WEBAPP - Revision : 1 |
| 2020-10-15 | Pulse Connect Secure SSL VPN command injection attempt RuleID : 55639 - Type : SERVER-WEBAPP - Revision : 1 |
| 2020-10-15 | Pulse Connect Secure SSL VPN command injection attempt RuleID : 55638 - Type : SERVER-WEBAPP - Revision : 1 |
| 2020-10-15 | Pulse Connect Secure SSL VPN command injection attempt RuleID : 55637 - Type : SERVER-WEBAPP - Revision : 1 |
| 2019-10-10 | NFS server /etc/passwd symlink creation attempt RuleID : 51478 - Type : SERVER-OTHER - Revision : 1 |
| 2019-10-10 | NFS server /etc/passwd symlink creation attempt RuleID : 51476 - Type : SERVER-OTHER - Revision : 1 |
| 2019-09-24 | Pulse Secure VPN command injection attempt RuleID : 51243 - Type : SERVER-WEBAPP - Revision : 1 |
| 2019-09-24 | Pulse Secure VPN command injection attempt RuleID : 51242 - Type : SERVER-WEBAPP - Revision : 1 |
| 2019-09-24 | Pulse Secure VPN command injection attempt RuleID : 51241 - Type : SERVER-WEBAPP - Revision : 1 |
| 2019-09-24 | Pulse Secure VPN command injection attempt RuleID : 51240 - Type : SERVER-WEBAPP - Revision : 1 |
