A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: hackerone

Published: 2024-01-31T17:51:35.095Z

Updated: 2024-08-01T22:35:33.414Z

Reserved: 2024-01-03T01:04:06.539Z

Link: CVE-2024-21893

cve-icon Vulnrichment

Updated: 2024-08-01T22:35:33.414Z

cve-icon NVD

Status : Analyzed

Published: 2024-01-31T18:15:47.437

Modified: 2024-08-14T19:51:42.643

Link: CVE-2024-21893

cve-icon Redhat

No data.