4.7 - CVE-2024-29211

Executive Summary

Informations
Name	CVE-2024-29211	First vendor Publication	2024-11-13
Vendor	Cve	Last vendor Modification	2024-11-14

Security-Database Scoring CVSS v3

Cvss vector : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
Overall CVSS Score	4.7
Base Score	4.7	Environmental Score	4.7
impact SubScore	3.6	Temporal Score	4.7
Exploitabality Sub Score	1

Attack Vector	Local	Attack Complexity	High
Privileges Required	Low	User Interaction	None
Scope	Unchanged	Confidentiality Impact	None
Integrity Impact	High	Availability Impact	None
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base Score	N/A	Attack Range	N/A
Cvss Impact Score	N/A	Attack Complexity	N/A
Cvss Expoit Score	N/A	Authentication	N/A
Calculate full CVSS 2.0 Vectors scores

Detail

A race condition in Ivanti Secure Access Client before version 22.7R4 allows a local authenticated attacker to modify sensitive configuration files.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29211

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-362	Race Condition

CPE : Common Platform Enumeration

Type	Description	Count
Application	Ivanti Secure Access Client cpe:2.3:a:ivanti:secure_access_client:22.7:r3:::::: cpe:2.3:a:ivanti:secure_access_client:22.7:r2:::::: cpe:2.3:a:ivanti:secure_access_client:22.7:r1:::::: cpe:2.3:a:ivanti:secure_access_client:22.7:-:::::: cpe:2.3:a:ivanti:secure_access_client:22.6:r1:::::: cpe:2.3:a:ivanti:secure_access_client:22.3:r1:::::: cpe:2.3:a:ivanti:secure_access_client:22.3:r2:::::: cpe:2.3:a:ivanti:secure_access_client:22.3:r3:::::: cpe:2.3:a:ivanti:secure_access_client:22.2:r1:::::: cpe:2.3:a:ivanti:secure_access_client::::::::	10

Sources (Detail)

https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-I...

Source	Url

Alert History

If you want to see full details history, please login or register.

Date	Informations
2024-11-15 00:20:34	Multiple Updates
2024-11-14 03:02:02	Multiple Updates
2024-11-14 02:57:42	Multiple Updates
2024-11-13 21:20:30	Multiple Updates
2024-11-13 09:20:30	First insertion

Copyright Security-Database 2006-2024 - Powered by themself ;) in 0.0258s

Facebook rss twitter linkedin mail