A use-after-free in Ivanti Connect Secure before version 22.7R2.3 and 9.1R18.9
and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker to achieve remote code execution
CVSS
No CVSS.
References
Configurations
No configuration.
History
27 Nov 2024, 21:15
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : unknown |
Summary | (en) A use-after-free in Ivanti Connect Secure before version 22.7R2.3 and 9.1R18.9 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker to achieve remote code execution |
27 Nov 2024, 20:15
Type | Values Removed | Values Added |
---|---|---|
Summary | (en) A use-after-free in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 and 9.1R18.9 allows a remote authenticated attacker to achieve remote code execution |
22 Nov 2024, 17:15
Type | Values Removed | Values Added |
---|---|---|
Summary | (en) A use-after-free in Ivanti Connect Secure before version 22.7R2.3 and 9.1R18.9 and Ivanti Policy Secure before version 22.7R1.2 and 9.1R18.9 allows a remote authenticated attacker to achieve remote code execution |
13 Nov 2024, 17:01
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
12 Nov 2024, 16:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-11-12 16:15
Updated : 2024-11-27 21:15
NVD link : CVE-2024-9420
Mitre link : CVE-2024-9420
CVE.ORG link : CVE-2024-9420
JSON object : View
Products Affected
No product.
CWE
CWE-416
Use After Free