HTTP: Ivanti Connect Secure and Policy Secure Gateways Authentication Bypass
This signature detects attempts to exploit a known vulnerability against Ivanti Connect Secure . A successful attack can lead to directory traversal and arbitrary code execution.
Extended Description
An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks.
Affected Products
Ivanti policy_secure
References
CVE: CVE-2024-21887
Short Name
HTTP:DIR:IVANTI-CT-AUTH-BYPASS
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
Authentication Bypass CVE-2023-46805 CVE-2024-21887 Connect Gateways Ivanti Policy Secure and
Release Date
01/25/2024
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3674
False Positive
Unknown
Vendors
Ivanti