CVE-2024-37400

Summary

An out of bounds read in Ivanti Connect Secure before version 22.7R2.3 allows a remote unauthenticated attacker to trigger an infinite loop, causing a denial of service.

Affected Software

VendorProductVersion RangeStatus
IvantiConnect Secure22.7R2.3 < 22.7R2.3affected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References