CVE-2024-7593

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Aug 13, 2024

Updated: Sep 25, 2024

CWE ID 287

CWE ID 303

Summary

CVE-2024-7593 is a newly disclosed vulnerability affecting Ivanti's vTM solution, excluding versions 22.2R1 and 22.7R2. This issue arises due to an incorrect implementation of an authentication algorithm, enabling a remote, unauthenticated attacker to bypass the admin panel's authentication. Successful exploitation could potentially grant the attacker administrative access to the affected system, posing a significant risk to organizational security. It is crucial for Ivanti users to update their software to mitigate this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Ivanti Software Inc.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/xk3PPl
https://www.cve.org/CVERecord?id=CVE-2024-7593
https://nvd.nist.gov/vuln/detail/CVE-2024-7593

Back to Vulnerability Database

CVE-2024-7593

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations