Vulnerability in Ivanti Secure Access Client Could Allow Privilege Escalation

CVE-2024-37398

7.8HIGH

Key Information

Vendor
Ivanti
Status
Secure Access Client
Vendor
CVE Published:
13 November 2024

Summary

Insufficient validation in Ivanti Secure Access Client before 22.7R4 allows a local authenticated attacker to escalate their privileges.

Refferences

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

Collectors

NVD Database
.