CVE-2024-22024 Scanner
Detects 'XXE' vulnerability in Ivanti Connect Secure products
Short Info
Level
High
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 sec
Scan only one
Domain, Ipv4
Toolbox
-
Ivanti Connect Secure is a remote access solution designed to provide secure connections for users to access corporate networks and resources remotely. It is commonly used by organizations to enable remote work capabilities while maintaining security standards. Ivanti Connect Secure ensures encrypted and authenticated connections between remote users and corporate networks, facilitating secure access to applications and data from anywhere, at any time.
The vulnerability detected in Ivanti Connect Secure is an XML External Entity (XXE) injection flaw. This vulnerability allows an attacker to inject malicious XML entities into XML documents processed by the application, potentially leading to unauthorized access to sensitive information or even remote code execution on the server.
The vulnerability resides in the '/dana-na/auth/saml-sso.cgi' endpoint of Ivanti Connect Secure, where it fails to properly validate and sanitize XML input. By crafting a specially crafted XML payload containing malicious entities, an attacker can trigger the XXE vulnerability, leading to unauthorized access to sensitive data or potential remote code execution on the server.
Exploiting this vulnerability can allow attackers to access sensitive information stored on the server or execute arbitrary code in the context of the application, potentially leading to complete compromise of the affected system. Attackers can leverage this vulnerability to steal sensitive data, launch further attacks against other systems, or disrupt the normal operation of the application.
By leveraging the security scanning capabilities of the securityforeveryone platform, you can identify critical vulnerabilities like XXE in Ivanti Connect Secure before they are exploited by malicious actors. Join our platform to proactively protect your organization's remote access infrastructure and ensure the security of your sensitive data and resources.
References
control security posture