- Description
- Incorrect implementation of an authentication algorithm in Ivanti vTM other than versions 22.2R1 or 22.7R2 allows a remote unauthenticated attacker to bypass authentication of the admin panel.
- Source
- 3c1d8aa1-5a33-4ea4-8992-aadd6440af75
- NVD status
- Analyzed
- Products
- virtual_traffic_manager
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
Data from CISA
- Vulnerability name
- Ivanti Virtual Traffic Manager Authentication Bypass Vulnerability
- Exploit added on
- Sep 24, 2024
- Exploit action due
- Oct 15, 2024
- Required action
- Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
- Hype score
- Not currently trending
Actively exploited CVE : CVE-2024-7593
@transilienceai
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Ivanti Virtual Traffic Manager RCE Vulnerability (CVE-2024-7593) Exploit Released - CybersecurityNews https://t.co/UwTShCR2OH #cybersecurity #hacking https://t.co/3k8Txw8qPe
@cliffvazquez
14 Dec 2024
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2024-7593
@transilienceai
5 Nov 2024
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2024-7593
@transilienceai
4 Nov 2024
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Another day, another cyber glitch? This time, it's Ivanti's turn in the hot seat with security flaw CVE-2024-7593. Quiet day at the office? Fancy a spot of rogue admin creation, do we? time for a cuppa and patch-up! #CyberSecurity #IvantiGate https://t.co/nAlkRGPRg9
@LimitedViewX
3 Nov 2024
20 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#Vulnerability #CVE20247593 CISA Warns of Actively Exploited Ivanti vTM Flaw CVE-2024-7593 (CVSS 9.8), PoC Published https://t.co/gGRyRDtC37
@Komodosec
31 Oct 2024
50 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2024-7593
@transilienceai
30 Oct 2024
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2024-7593
@transilienceai
25 Oct 2024
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2024-7593
@transilienceai
23 Oct 2024
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2024-7593
@transilienceai
20 Oct 2024
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ivanti:virtual_traffic_manager:22.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A48A5557-CEFB-4155-A414-3569E9F5D6B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ivanti:virtual_traffic_manager:22.3:-:*:*:*:*:*:*",
"matchCriteriaId": "22109416-9E81-4F13-805F-A0BDDF53E960",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ivanti:virtual_traffic_manager:22.3:r2:*:*:*:*:*:*",
"matchCriteriaId": "3B9BAFB6-C577-432C-A19B-7179352377EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ivanti:virtual_traffic_manager:22.5:r1:*:*:*:*:*:*",
"matchCriteriaId": "1B3A82AC-C456-41B8-9E6E-6FCD7971D5ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ivanti:virtual_traffic_manager:22.6:r1:*:*:*:*:*:*",
"matchCriteriaId": "86D5E856-4801-44A1-96B8-D3796E73B089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ivanti:virtual_traffic_manager:22.7:r1:*:*:*:*:*:*",
"matchCriteriaId": "16704EDE-55BE-46A6-BF52-64902D458A2B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]