PT-2024-23068 · Ivanti · Ivanti Dsm
Published
2024-10-18
·
Updated
2024-10-21
·
CVE-2024-29821
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Ivanti DSM versions prior to 2024.2
Description
The issue allows authenticated users on the local machine to run code with elevated privileges due to insecure ACL via an unspecified attack vector.
Recommendations
For Ivanti DSM versions prior to 2024.2, update to version 2024.2 or later to resolve the issue.
Fix
Incorrect Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ivanti Dsm