Command Injection Vulnerability in Ivanti Connect Secure and Policy Secure
CVE-2024-11006
7.2HIGH
What is CVE-2024-11006?
A command injection vulnerability exists in Ivanti Connect Secure and Ivanti Policy Secure. This security flaw allows a remote authenticated attacker with administrative privileges to execute arbitrary code on the affected systems. Organizations utilizing these products are urged to update to the latest versions to mitigate potential exploitation. Failure to act could lead to unauthorized access and control over critical systems.
Affected Version(s)
Connect Secure 22.7R2.1
Policy Secure 22.7R1.1