Threat Intelligence / CVE / CVE-2024-21893
CVE-2024-21893
CISA KEVA server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication.
CVSS v3 vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
Weaknesses (CWE)
CWE-918
Threats tracking this CVE
- APT35 (Charming Kitten) GCC Pre-Positioning Cyber Reconnaissance Campaign Enabling Kinetic Targeting — CRITICAL
References
- https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US
- https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-21893
Full detection coverage & IOCs for threats exploiting CVE-2024-21893 are available via the Threadlinqs MCP server (Purple tier). View plans →