CVE-2024-47906

Published Nov 12, 2024

Last updated 4 days ago

CVSS high 7.8

Overview

Description
Excessive binary privileges in Ivanti Connect Secure which affects versions 22.4R2 through 22.7R2.2 inclusive within the R2 release line and Ivanti Policy Secure before version 22.7R1.2 allow a local authenticated attacker to escalate privileges.
Source
3c1d8aa1-5a33-4ea4-8992-aadd6440af75
NVD status
Undergoing Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
7.8
Impact score
5.9
Exploitability score
1.8
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

3c1d8aa1-5a33-4ea4-8992-aadd6440af75
CWE-267

Social media

Hype score
Not currently trending

  1. CVE-2024-47906 Excessive binary privileges in Ivanti Connect Secure which affects versions 22.4R2 through 22.7R2.2 inclusive within the R2 release line and Ivanti Policy Secure befo… https://t.co/4RTDWZMDSs

    @CVEnew

    12 Nov 2024

    207 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

References