CVE-2024-9842

CVSS V2 None CVSS V3 None
Description
Incorrect permissions in Ivanti Secure Access Client before version 22.7R4 allows a local authenticated attacker to create arbitrary folders.
Overview
  • CVE ID
  • CVE-2024-9842
  • Assigner
  • ivanti
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-11-12T16:12:12.164Z
  • Last Modified Date
  • 2024-11-12T18:24:53.695Z
Weakness Enumerations
CWE URL
CWE-732 http://cwe.mitre.org/data/definitions/732.html
CWE-267 http://cwe.mitre.org/data/definitions/267.html
References
Reference URL Reference Tags
https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2024-9842
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9842
History
Created Old Value New Value Data Type Notes
2024-11-13 13:51:16 Added to TrackCVE