Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') (CWE-88)
Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti Policy Secure before version 22.7R1.1 allows a remote authenticated attacker with admin privileges to achieve remote code execution.
NVD published the first details for CVE-2024-39712
Feedly found the first article mentioning CVE-2024-39712. See article
Feedly estimated the CVSS score as HIGH
EPSS Score was set to: 0.04% (Percentile: 10.1%)
Detection for the vulnerability has been added to Nessus (211454)
Detection for the vulnerability has been added to Nessus (211467)