Security News > 2024 > February > Recent SSRF Flaw in Ivanti VPN Products Undergoes Mass Exploitation

Recent SSRF Flaw in Ivanti VPN Products Undergoes Mass Exploitation
2024-02-06 06:58

A recently disclosed server-side request forgery (SSRF) vulnerability impacting Ivanti Connect Secure and Policy Secure products has come under mass exploitation. The Shadowserver Foundation said it observed exploitation attempts originating from more than 170 unique IP addresses that aim to establish a reverse shell, among others. The attacks exploit CVE-2024-21893 (CVSS


News URL

https://thehackernews.com/2024/02/recently-disclosed-ssrf-flaw-in-ivanti.html

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2024-01-31 CVE-2024-21893 Server-Side Request Forgery (SSRF) vulnerability in Ivanti Connect Secure and Policy Secure
A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication.
network
low complexity
ivanti CWE-918
8.2

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Ivanti 27 0 51 157 75 283