Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-9842

Incorrect permissions in Ivanti Secure Access Client before version 22.7R4 allows a local authenticated attacker to create arbitrary folders.

Published

2024-11-12T17:15:11.580

Last Modified

2025-01-17T19:55:48.957

Status

Analyzed

Source

3c1d8aa1-5a33-4ea4-8992-aadd6440af75

Severity

CVSSv3.1: 7.3 (HIGH)

Weaknesses
  • Type: Secondary
    CWE-267
    CWE-732
  • Type: Primary
    CWE-732
    NVD-CWE-Other
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application ivanti secure_access_client < 22.7 Yes
Application ivanti secure_access_client 22.7 Yes
Application ivanti secure_access_client 22.7 Yes
Application ivanti secure_access_client 22.7 Yes
Application ivanti secure_access_client 22.7 Yes
Application ivanti secure_access_client 22.7 Yes
Operating System microsoft windows - No
References