Security Advisory

CVE-2024-22023

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-04-04 19:45:10

Last updated 2024-10-03 21:38:58

Assigner hackerone

State PUBLISHED

Description

An XML entity expansion or XEE vulnerability in SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated attacker to send specially crafted XML requests in-order-to temporarily cause resource exhaustion thereby resulting in a limited-time DoS.

← Browse all CVEs View on cve.org ↗