- Description
- Incorrect implementation of an authentication algorithm in Ivanti vTM other than versions 22.2R1 or 22.7R2 allows a remote unauthenticated attacker to bypass authentication of the admin panel.
- Source
- 3c1d8aa1-5a33-4ea4-8992-aadd6440af75
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
Data from CISA
- Vulnerability name
- Ivanti Virtual Traffic Manager Authentication Bypass Vulnerability
- Exploit added on
- Sep 24, 2024
- Exploit action due
- Oct 15, 2024
- Required action
- Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
- Hype score
- Not currently trending
Ivanti Virtual Traffic Manager RCE Vulnerability (CVE-2024-7593) Exploit Released - CybersecurityNews https://t.co/UwTShCR2OH #cybersecurity #hacking https://t.co/3k8Txw8qPe
@cliffvazquez
14 Dec 2024
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2024-7593
@transilienceai
5 Nov 2024
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2024-7593
@transilienceai
4 Nov 2024
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Another day, another cyber glitch? This time, it's Ivanti's turn in the hot seat with security flaw CVE-2024-7593. Quiet day at the office? Fancy a spot of rogue admin creation, do we? time for a cuppa and patch-up! #CyberSecurity #IvantiGate https://t.co/nAlkRGPRg9
@LimitedViewX
3 Nov 2024
20 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#Vulnerability #CVE20247593 CISA Warns of Actively Exploited Ivanti vTM Flaw CVE-2024-7593 (CVSS 9.8), PoC Published https://t.co/gGRyRDtC37
@Komodosec
31 Oct 2024
50 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2024-7593
@transilienceai
30 Oct 2024
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2024-7593
@transilienceai
25 Oct 2024
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2024-7593
@transilienceai
23 Oct 2024
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2024-7593
@transilienceai
20 Oct 2024
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2024-7593
@transilienceai
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ivanti:virtual_traffic_management:22.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D5652006-FA06-419F-90DB-B23195E1383C"
},
{
"criteria": "cpe:2.3:a:ivanti:virtual_traffic_management:22.3:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "63BF5D63-D156-4BEB-9F7B-35AF9DEABDAD"
},
{
"criteria": "cpe:2.3:a:ivanti:virtual_traffic_management:22.3:r2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8F23C040-4451-4CBF-B9A8-741C404121D8"
},
{
"criteria": "cpe:2.3:a:ivanti:virtual_traffic_management:22.5:r1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0A4F948D-F3AE-451A-A68A-013900133B83"
},
{
"criteria": "cpe:2.3:a:ivanti:virtual_traffic_management:22.6:r1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "32931B52-335D-4887-9B2B-4DE42589496D"
},
{
"criteria": "cpe:2.3:a:ivanti:virtual_traffic_management:22.7:r1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4F1CCCDD-05F4-430A-979B-B050E75FE3B0"
}
],
"operator": "OR"
}
]
}
]