CVE-2024-10644
Code injection in Ivanti Connect Secure before version 22.7R2.4 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticated attacker with admin privileges to achieve remote code execution.
| Software | From | Fixed in |
|---|---|---|
| ivanti / connect_secure | 22.7-r1.5 | 22.7-r1.5.x |
| ivanti / connect_secure | 22.7-r1.4 | 22.7-r1.4.x |
| ivanti / connect_secure | 22.7-r1.3 | 22.7-r1.3.x |
| ivanti / connect_secure | 22.7-r1.2 | 22.7-r1.2.x |
| ivanti / connect_secure | 22.7-r2.2 | 22.7-r2.2.x |
| ivanti / connect_secure | 22.7-r2.1 | 22.7-r2.1.x |
| ivanti / connect_secure | - | 22.7 |
| ivanti / connect_secure | 22.7 | 22.7.x |
| ivanti / connect_secure | 22.7-r1 | 22.7-r1.x |
| ivanti / connect_secure | 22.7-r1.1 | 22.7-r1.1.x |
| ivanti / connect_secure | 22.7-r2 | 22.7-r2.x |
| ivanti / connect_secure | 22.7-r2.3 | 22.7-r2.3.x |
| ivanti / policy_secure | 22.7 | 22.7.x |
| ivanti / policy_secure | - | 22.7 |
| ivanti / policy_secure | 22.7-r1 | 22.7-r1.x |
| ivanti / policy_secure | 22.7-r1.1 | 22.7-r1.1.x |
| ivanti / policy_secure | 22.7-r1.2 | 22.7-r1.2.x |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime