New Ivanti Auth Bypass error affects Connect Secure and ZTA gateways

Ivanti Vulnerability

Ivanti has warned customers of yet another serious security flaw in its Connect Secure, Policy Secure and ZTA gateway devices, allowing attackers to bypass authentication.

The problem, tracked as CVE-2024-22024receives a score of 8.3 out of 10 on the CVSS scoring system.

“An external XML entity or XXE vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x), Ivanti Policy Secure (9.x, 22.x), and ZTA gateways that could allow an attacker to gain access access certain restricted resources without authentication,” the company said said for advice.

The company said it discovered the flaw during an internal review as part of its ongoing investigation into multiple security weaknesses in its products that have come to light since the beginning of the year, including CVE-2023-46805, CVE-2024-21887, CVE-2024-21888 and CVE-2024-21893.

CVE-2024-22024 affects the following versions of the products:

  • Ivanti Connect Secure (versions 9.1R14.4, 9.1R17.2, 9.1R18.3, 22.4R2.2 and 22.5R1.1)
  • Ivanti Policy Secure (version 22.5R1.1)
  • ZTA (version 22.6R1.3)

Patches for the bug are available in Connect Secure versions 9.1R14.5, 9.1R17.3, 9.1R18.4, 22.4R2.3, 22.5R1.2, 22.5R2.3 and 22.6R2.2; Policy Secure versions 9.1R17.3, 9.1R18.4 and 22.5R1.2; and ZTA versions 22.5R1.6, 22.6R1.5 and 22.6R1.7.

Ivanti said there is no evidence of active exploitation of the flaw, but with CVE-2023-46805, CVE-2024-21887 and CVE-2024-21893 being widely exploited, it is imperative that users take swift action to prevent the apply the latest solutions.

#Ivanti #Auth #Bypass #error #affects #Connect #Secure #ZTA #gateways

Notify of
Inline Feedbacks
View all comments
Previous Post
Critical FortiOS SSL VPN Vulnerability

Fortinet warns of critical FortiOS SSL VPN vulnerability under active exploitation

Next Post
Chinese Hackers

Chinese hackers have been operating undetected in US critical infrastructure for half a decade

Related Posts