Security Advisory

CVE-2024-21887

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-01-12 17:02:16

Last updated 2025-10-21 23:05:28

Assigner hackerone

State PUBLISHED

Description

A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance.

← Browse all CVEs View on cve.org ↗