Improper authorization in Ivanti Secure Access Client before version 22.7R3 allows a local authenticated attacker to modify sensitive configuration files.
References
Configurations
Configuration 1 (hide)
| AND |
|
History
17 Jan 2025, 20:02
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs - Vendor Advisory | |
| CWE | NVD-CWE-Other | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.1 |
| CPE | cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:* cpe:2.3:a:ivanti:secure_access_client:22.7:r1.1:*:*:*:*:*:* cpe:2.3:a:ivanti:secure_access_client:22.7:r2:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* cpe:2.3:a:ivanti:secure_access_client:22.7:r1:*:*:*:*:*:* cpe:2.3:a:ivanti:secure_access_client:22.7:-:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* cpe:2.3:a:ivanti:secure_access_client:*:*:*:*:*:*:*:* |
|
| First Time |
Linux
Microsoft windows Apple Linux linux Kernel Apple macos Ivanti secure Access Client Microsoft Ivanti |
12 Nov 2024, 17:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-11-12 17:15
Updated : 2025-01-17 20:02
NVD link : CVE-2024-8539
Mitre link : CVE-2024-8539
JSON object : View
Products Affected
ivanti
- secure_access_client
microsoft
- windows
apple
- macos
linux
- linux_kernel
CWE