Incorrect file permissions in Ivanti Connect Secure before version 22.6R2 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1 (Not Applicable to 9.1Rx) allow a local authenticated attacker to escalate their privileges.
Metrics
Affected Vendors & Products
References
History
Sat, 23 Nov 2024 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Incorrect file permissions in Ivanti Connect Secure before version 22.6R2 and Ivanti Policy Secure before version 22.6R1 allow a local authenticated attacker to escalate their privileges. | Incorrect file permissions in Ivanti Connect Secure before version 22.6R2 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1 (Not Applicable to 9.1Rx) allow a local authenticated attacker to escalate their privileges. |
Wed, 13 Nov 2024 19:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Ivanti
Ivanti connect Secure Ivanti policy Secure |
|
Weaknesses | CWE-732 | |
CPEs | cpe:2.3:a:ivanti:connect_secure:-:*:*:*:*:*:*:* cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:* |
|
Vendors & Products |
Ivanti
Ivanti connect Secure Ivanti policy Secure |
|
Metrics |
cvssV3_1
|
Wed, 13 Nov 2024 02:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Incorrect file permissions in Ivanti Connect Secure before version 22.6R2 and Ivanti Policy Secure before version 22.6R1 allow a local authenticated attacker to escalate their privileges. | |
References |
| |
Metrics |
cvssV3_0
|
MITRE
Status: PUBLISHED
Assigner: hackerone
Published: 2024-11-13T01:54:45.448Z
Updated: 2024-11-23T21:06:04.916Z
Reserved: 2024-06-28T01:04:08.820Z
Link: CVE-2024-39709
Vulnrichment
Updated: 2024-11-13T18:12:35.915Z
NVD
Status : Awaiting Analysis
Published: 2024-11-13T02:15:18.993
Modified: 2024-11-23T21:15:14.647
Link: CVE-2024-39709
Redhat
No data.