CVE-2024-38655

Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') (CWE-88)

Published: Nov 13, 2024 / Updated: 7d ago

No CVSS yet / EPSS 0.04%

Argument injection in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure before version 22.7R1.1 allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Timeline

CVE Assignment

NVD published the first details for CVE-2024-38655

Nov 13, 2024 at 2:15 AM
First Article

Feedly found the first article mentioning CVE-2024-38655.

Nov 13, 2024 at 2:21 AM / Vulners.com RSS Feed
CVSS Estimate

Feedly estimated the CVSS score as HIGH

Nov 13, 2024 at 2:21 AM
EPSS

EPSS Score was set to: 0.04% (Percentile: 10.1%)

Nov 13, 2024 at 10:01 AM
Detection in Vulnerability Scanners

Detection for the vulnerability has been added to Nessus (211455)

Nov 15, 2024 at 8:16 PM
Detection in Vulnerability Scanners

Detection for the vulnerability has been added to Nessus (211467)

Nov 16, 2024 at 12:15 AM

Affected Systems

Ivanti/connect_secure

Attack Patterns

CAPEC-137: Parameter Injection

News

Weekly Threat Landscape Digest – Week 47
From sophisticated zero-day exploits to novel malware campaigns, this week’s Hawkeye Security Advisory brings you actionable insights into the latest threats and how to mitigate them. The BrazenBamboo APT group is actively exploiting an unpatched zero-day vulnerability in Fortinet’s FortiClient VPN software for Windows.
Ivanti Policy Secure 22.7R1.2 (Build 1485) Multiple Vulnerabilities
- Command injection in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure before version 22.7R1.1 allows a remote authenticated attacker with admin privileges to achieve remote code execution.
- Argument injection in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure before version 22.7R1.1 allows a remote authenticated attacker with admin privileges to achieve remote code execution.
Pulse Connect Secure < 22.7R2.1 Multiple Vulnerabilities (000096001)
- Argument injection in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure before version 22.7R1.1 allows a remote authenticated attacker with admin privileges to achieve remote code execution.
- Command injection in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure before version 22.7R1.1 allows a remote authenticated attacker with admin privileges to achieve remote code execution.
Multiple Vulnerabilities in Ivanti Products (November 2024) - Policy Secure
Development Last Updated: 11/15/2024. CVEs: CVE-2024-29211, CVE-2024-39709, CVE-2024-9843, CVE-2024-38654, CVE-2024-39711, CVE-2024-37400, CVE-2024-11005, CVE-2024-7571, CVE-2024-11007, CVE-2024-8495, CVE-2024-38656, CVE-2024-47905, CVE-2024-37398, CVE-2024-47907, CVE-2024-38655, CVE-2024-38649, CVE-2024-11004, CVE-2024-9420, CVE-2024-11006, CVE-2024-39710, CVE-2024-47909, CVE-2024-8539, CVE-2024-47906, CVE-2024-39712
Focus Friday: Third-Party Risk Insights Into Atlassian Jira, Ivanti Connect Secure, and Nostromo nhttpd Vulnerabilities With Black Kite’s FocusTags™
Black Kite’s FocusTag™ for Atlassian Jira, published on November 13, 2024, enables TPRM professionals to identify vendors potentially affected by CVE-2021-26086. Third-Party Risk Management (TPRM) professionals should be concerned about CVE-2021-26086 because it allows unauthorized access to sensitive files on vulnerable Jira instances.

CVSS V3.1

Unknown
