CVE-2024-37401

Summary

An out-of-bounds read in IPsec of Ivanti Connect Secure before version 22.7R2.1 allows a remote unauthenticated attacker to cause a denial of service.

Affected Software

VendorProductVersion RangeStatus
IvantiConnect Secure22.7R2.1 < 22.7R2.1affected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References