CVE-2024-9420

A use-after-free in Ivanti Connect Secure before version 22.7R2.3 and 9.1R18.9 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker to achieve remote code execution
CVSS

No CVSS.

Configurations

No configuration.

History

27 Nov 2024, 21:15

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 8.8
v2 : unknown
v3 : unknown
Summary (en) A use-after-free in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 and 9.1R18.9 allows a remote authenticated attacker to achieve remote code execution (en) A use-after-free in Ivanti Connect Secure before version 22.7R2.3 and 9.1R18.9 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker to achieve remote code execution

27 Nov 2024, 20:15

Type Values Removed Values Added
Summary (en) A use-after-free in Ivanti Connect Secure before version 22.7R2.3 and 9.1R18.9 and Ivanti Policy Secure before version 22.7R1.2 and 9.1R18.9 allows a remote authenticated attacker to achieve remote code execution (en) A use-after-free in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 and 9.1R18.9 allows a remote authenticated attacker to achieve remote code execution

22 Nov 2024, 17:15

Type Values Removed Values Added
Summary (en) A use-after-free in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker to achieve remote code execution. (en) A use-after-free in Ivanti Connect Secure before version 22.7R2.3 and 9.1R18.9 and Ivanti Policy Secure before version 22.7R1.2 and 9.1R18.9 allows a remote authenticated attacker to achieve remote code execution

13 Nov 2024, 17:01

Type Values Removed Values Added
Summary
  • (es) Use-after-free en Ivanti Connect Secure anterior a la versión 22.7R2.3 y en Ivanti Policy Secure anterior a la versión 22.7R1.2 permite que un atacante remoto autenticado logre la ejecución remota de código.

12 Nov 2024, 16:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-11-12 16:15

Updated : 2024-11-27 21:15


NVD link : CVE-2024-9420

Mitre link : CVE-2024-9420

CVE.ORG link : CVE-2024-9420


JSON object : View

Products Affected

No product.

CWE
CWE-416

Use After Free