Ivanti Connect Secure 9.1Rx < 9.1R18.5 / 22.x < 22.4R1.1 / 22.5Rx < 22.5R2.3 / 22.6Rx < 22.6R2.2 Multiple Vulnerabilities

high Nessus Plugin ID 187164

Synopsis

A VPN solution installed on the remote host is affected by multiple vulnerabilities.

Description

The Ivanti Connect Secure installed on the remote host is 9.1Rx prior to 9.1R18.5, 22.x prior to 22.4R1.1, 22.5Rx prior to 22.5R2.3, or 22.6Rx < 22.6R2.2. It is, therefore, affected by multiple vulnerabilities.

- A vulnerability exists on both branches of Ivanti Connect Secure (9.1Rx and 22x) below 22.6R2 or 9.1R18.2 where an attacker can send a specific request which may lead to Denial of Service (DoS) of the appliance.
(DoS) of the appliance. NOTE: (There are patch versions listed in the resolution section below 22.6R2 that contain the patch) (CVE-2023-39340)

- A vulnerability exists on both branches of Ivanti Connect Secure (9.1Rx and 22x) below 22.6R2 or 9.1R18.5 where an attacker impersonating an administrator may craft a specific web request which may lead to remote code execution. NOTE: (There are patch versions listed in the resolution section below 22.6R2 that contain the patch) (CVE-2023-41719)

- A vulnerability exists on the 22x branch of Ivanti Connect Secure below 22.6R2 where an attacker can escalate their privileges by exploiting a vulnerable installed application. This vulnerability allows the attacker to gain elevated execution privileges on the affected system. NOTE: (There are patch versions listed in the resolution section below 22.6R2 that contain the patch) (CVE-2023-41720)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Ivanti Secure Desktop Client 9.1R18.5, 22.4R1.1, 22.5R2.3, 22.6R2.2, or later.

See Also

http://www.nessus.org/u?4160ef92

Plugin Details

Severity: High

ID: 187164

File Name: ivanti_connect_secure_22_6_r2.nasl

Version: 1.3

Type: remote

Family: Misc.

Published: 12/21/2023

Updated: 4/19/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 8.3

Temporal Score: 6.1

Vector: CVSS2#AV:N/AC:L/Au:M/C:C/I:C/A:C

CVSS Score Source: CVE-2023-41719

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

CVSS Score Source: CVE-2023-41720

Vulnerability Information

CPE: cpe:/a:pulsesecure:pulse_secure_desktop_client

Required KB Items: installed_sw/Pulse Connect Secure

Exploit Ease: No known exploits are available

Patch Publication Date: 12/4/2023

Vulnerability Publication Date: 12/4/2023

Reference Information

CVE: CVE-2023-39340, CVE-2023-41719, CVE-2023-41720