Command Injection Vulnerability in Ivanti Connect Secure and Ivanti Policy Secure
CVE-2024-11005
7.2HIGH
What is CVE-2024-11005?
A command injection vulnerability exists in Ivanti Connect Secure and Ivanti Policy Secure prior to specified versions, allowing remote authenticated attackers with administrative privileges to execute arbitrary commands on the affected system. This vulnerability poses a significant risk as it may lead to unauthorized system access and control, emphasizing the importance of updating to the latest secure versions.
Affected Version(s)
Connect Secure 22.7R2.1
Policy Secure 22.7R1.1