QID 731076

Date Published: 2024-01-15

QID 731076: Ivanti Connect Secure (ICS) Multiple Security Vulnerabilities (000089503)

Ivanti Connect Secure (ICS), formerly known as Pulse Connect Secure, contains the following vulnerabilities:
CVE-2023-39340: An attacker can send a specific request which may lead to Denial of Service (DoS) of the appliance.
CVE-2023-41719: An attacker impersonating an administrator may craft a specific web request which may lead to remote code execution.
CVE-2023-41720: A local attacker with access to an Ivanti Connect Secure (ICS) appliance can escalate their privileges by exploiting a vulnerable installed application. This vulnerability allows the attacker to gain elevated execution privileges on the affected system.

Affected versions:
Ivanti Connect Secure (ICS) all versions of 9.1Rx
Ivanti Connect Secure (ICS) all versions below 22.6R2

NOTE:
This QID does not check for applied mitigations.
A patched version for 9.x has not been released by the vendor yet.

QID Detection Logic (Unauthenticated):
This QID checks for an installed vulnerable version of Ivanti Connect Secure (ICS) using the endpoint "dana-cached/sc/PulseSecureInstallerService.exe".

Successful exploitation may allow an attacker to execute an arbitrary file on the target system.

  • CVSS V3 rated as High - 7.8 severity.
  • CVSS V2 rated as High - 6.5 severity.

Solution:
Customers are advised to refer to 000090122 for information pertaining to these vulnerabilities.

Software Advisories:
Advisory ID: Ivanti Connect Secure Security Advisory (000089503)
Link: forums.ivanti.com/s/article/Security-patch-release-Ivanti-Connect-Secure-22-6R2-and-22-6R2-1?language=en_US