CVE-2024-21887
- Source
- https://cve.org/CVERecord?id=CVE-2024-21887
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-21887.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-21887
- Withdrawn
- 2026-05-04T08:42:02.360176Z
- Published
- 2024-01-12T17:15:10.017Z
- Modified
- 2026-05-04T08:42:02.360176Z
- Severity
-
- 9.1 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance.
- References
-
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-21887
- https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US
- http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html
Affected packages
Git /
Database specific
unresolved_ranges
[
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r10"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r11"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r11\\.3"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r11\\.4"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r11\\.5"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r12"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r12\\.1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r13"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r13\\.1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r14"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r15"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r15\\.2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r16"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r16\\.1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r17"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r17\\.1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r18"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r3"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r4"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r4\\.1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r4\\.2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r4\\.3"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r5"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r6"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r7"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r8"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r8\\.1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r8\\.2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r9"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r9\\.1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "22.1-r1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "22.1-r6"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "22.2-NA"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "22.2-r1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "22.3-r1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "22.4-r1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "22.4-r2\\.1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "22.5-r2\\.1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "22.6-NA"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "22.6-r1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "22.6-r2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r10"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r11"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r12"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r13"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r13\\.1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r14"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r15"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r16"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r17"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r18"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r3"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r3\\.1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r4"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r4\\.1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r4\\.2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r5"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r6"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r7"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r8"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r8\\.1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r8\\.2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.1-r9"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "22.1-r1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "22.1-r6"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "22.2-r1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "22.2-r3"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "22.3-r1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "22.3-r3"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "22.4-r1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "22.4-r2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "22.4-r2\\.1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "22.5-r1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "22.5-r2\\.1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "22.6-r1"
}
]
}
]
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-21887.json"