CVE-2024-21888

216.73.217.22

· Published 31/01/2024 19:15 · Modified 21/12/2025 03:10 · Author: The MITRE Corporation

Labels: CVE-2024-21888

Essential information

Published: 31/01/2024 19:15
Modified: 21/12/2025 03:10
Author: The MITRE Corporation
Creator: The MITRE Corporation
CVSS: 8.8 HIGH (v3.1)
CISA KEV: No
CWE: —
CVSS vector: CVSS:3.1/AV:N/C:H/I:H/A:H

CVSS metrics

Description

A privilege escalation vulnerability in web component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows a user to elevate privileges to that of an administrator.

NVD status

NVD: View on NVD