New Ivanti Auth Bypass Flaw Affects Connect Secure and ZTA Gateways

Ivanti has alerted customers to yet another high-severity security flaw in its Connect Secure, Policy Secure, and ZTA gateway devices that could allow attackers to bypass authentication.

The issue, tracked as CVE-2024-22024, is rated 8.3 out of 10 on the CVSS scoring system.

“An XML external entity or XXE vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x), Ivanti Policy Secure (9.x, 22.x) and ZTA gateways which allows an attacker to access certain restricted resources without authentication,” the company said in an advisory.

The company said it discovered the flaw during an internal review as part of its ongoing investigation into multiple security weaknesses in the products that have come to light since the start of the year, including CVE-2023-46805, CVE-2024-21887, CVE-2024-21888, and CVE-2024-21893.

CVE-2024-22024 impacts the following versions of the products:

  • Ivanti Connect Secure (versions 9.1R14.4, 9.1R17.2, 9.1R18.3, 22.4R2.2, and 22.5R1.1)
  • Ivanti Policy Secure (version 22.5R1.1)
  • ZTA (version 22.6R1.3)

Patches for the bug are available in Connect Secure versions 9.1R14.5, 9.1R17.3, 9.1R18.4, 22.4R2.3, 22.5R1.2, 22.5R2.3, and 22.6R2.2; Policy Secure versions 9.1R17.3, 9.1R18.4, and 22.5R1.2; and ZTA versions 22.5R1.6, 22.6R1.5, and 22.6R1.7.

Ivanti said there is no evidence of active exploitation of the flaw, but with CVE-2023-46805, CVE-2024-21887, and CVE-2024-21893 coming under broad abuse, it is imperative that users move quickly to apply the latest fixes.
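The advisory names the vulnerability class (XXE in SAML handling) without further technical detail. As an added illustration, not Ivanti's code or its fix, the sketch below shows the general defense for any service that accepts SAML messages: refuse input containing a DOCTYPE before any entity is declared. The function names and both sample messages are constructed for this example.

```python
import base64
import xml.parsers.expat


class DtdRejected(ValueError):
    """A SAML message carried a DOCTYPE, the prerequisite for any XXE."""


def screen_saml_message(b64_message: str) -> str:
    """Decode a base64 SAML message, refuse any DTD, return the root tag."""
    xml_bytes = base64.b64decode(b64_message, validate=True)
    parser = xml.parsers.expat.ParserCreate()
    root = []

    def on_doctype(name, system_id, public_id, has_internal_subset):
        # Custom entities can only be declared inside a DTD, so stop here,
        # before the parser reads a single entity declaration.
        raise DtdRejected(f"DOCTYPE {name!r} not allowed in SAML input")

    def on_start(name, attrs):
        if not root:
            root.append(name)

    parser.StartDoctypeDeclHandler = on_doctype
    parser.StartElementHandler = on_start
    try:
        parser.Parse(xml_bytes, True)
    except xml.parsers.expat.ExpatError as exc:
        raise ValueError(f"malformed XML: {exc}") from exc
    return root[0]


def is_rejected(b64_message: str) -> bool:
    """True when the message is refused because it contains a DTD."""
    try:
        screen_saml_message(b64_message)
    except DtdRejected:
        return True
    return False


# Constructed samples, not captured traffic.
BENIGN = base64.b64encode(
    b'<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
    b'ID="_constructed1" Version="2.0"/>').decode()
WITH_DTD = base64.b64encode(
    b'<!DOCTYPE r [<!ENTITY ext SYSTEM "http://example.invalid/x">]>'
    b'<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
    b'ID="_constructed2" Version="2.0">&ext;</samlp:Response>').decode()

if __name__ == "__main__":
    print(screen_saml_message(BENIGN), is_rejected(WITH_DTD))
```

Legitimate SAML messages have no need for a DTD, so rejecting on the DOCTYPE declaration costs nothing in compatibility and gives a clean event to log and alert on.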
