XML External Entity injection in Ivanti Connect Secure (formerly Pulse Connect Secure) and Ivanti Policy Secure (formerly Pulse Policy Secure) - CVE-2024-22023
Published: April 4, 2024
Vulnerability identifier: #VU88142
CSH Severity: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2024-22023
CWE-ID: CWE-611
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
Ivanti Connect Secure (formerly Pulse Connect Secure)
Ivanti Policy Secure (formerly Pulse Policy Secure)
Ivanti Connect Secure (formerly Pulse Connect Secure)
Ivanti Policy Secure (formerly Pulse Policy Secure)
Software vendor:
Ivanti
Ivanti
Description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied XML input within the SAML component. A remote attacker can pass a specially crafted XML data to the system and cause resource exhaustion thereby resulting in a limited-time DoS.
Remediation
Install updates from vendor's website.
External links
- https://www.ivanti.com/blog/security-update-for-ivanti-connect-secure-and-policy-secure
- https://forums.ivanti.com/s/article/SA-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US