Feb. 1, 2024, 5:10 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

On January 31, 2024, Ivanti published an article disclosing two high severity vulnerabilities:  CVE-2024-21893: A server-side request forgery flaw present in the SAML component of Ivanti Connect Secure, Ivanti Policy Secure, and Ivanti Neurons. This vulnerability allows an unauthenticated threat actor to access restricted resources. Ivanti reports that a limited number of customers have been … CVE-2024-21893: New Ivanti Zero-Day Vulnerability Actively Exploited

Article Link: CVE-2024-21893 | Arctic Wolf

1 post - 1 participant

Read full topic

access actively exploited actor article connect customers cve cve-2024-21893 exploited flaw forgery high ivanti ivanti connect secure ivanti neurons ivanti policy secure january policy reports request resources restricted saml server server-side request forgery severity threat threat actor unauthenticated vulnerabilities vulnerability zero-day zero-day vulnerability

Deputy Chief Information Security Officer

@ United States Holocaust Memorial Museum | Washington, DC

Humbly Confident Security Lead

@ YNAB | Remote

Information Technology Specialist II: Information Security Engineer

@ WBCP, Inc. | Pasadena, CA.

Senior Cloud Security Engineer

@ Cofense | Remote, United States

Cyber Hygiene GCP Cloud Junior Engineer

@ Deutsche Bank | Bucharest

Engineer - Software - Cyber

@ Valeo | BANGALORE - BAN1