Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
impervablogGabi StapelIMPERVABLOG:6B12A585C1DFC031FA2D96AC0F426A5F
HistoryFeb 13, 2024 - 10:18 p.m.

Imperva defends customers against CVE-2024-22024 in Ivanti products

2024-02-1322:18:53
Gabi Stapel
www.imperva.com
19
imperva
defends
customers
ivanti
cve-2024-22024
authentication bypass
zta gateways
severity score
exploit
financial services
cloud waf
on-prem
emergency feed
signature
security patches

AI Score

7.3

Confidence

Low

EPSS

0.004

Percentile

74.6%

JSON

Ivanti recently published an urgent warning about an authentication bypass in Ivanti Connect Secure, Ivanti Policy Secure, and ZTA gateways, tracked as CVE-2024-22024. The bug, which carries a severity score of 8.3, was discovered during an internal review.

Since its announcement on February 8, Imperva Threat Research has observed attackers attempting to exploit this vulnerability via automated tools over 30,000 times on thousands of sites, predominantly those in Financial Services.

Imperva customers are protected against CVE-2024-22024. Cloud WAF and On-Prem customers with SecureSphere Emergency Feed enabled are protected out of the box. On-Prem customers without Emergency Feed will need to manually add the signature published via our Customer Portal. Even with protection, we urge our customers to remain vigilant and update their systems with the latest security patches.

The post Imperva defends customers against CVE-2024-22024 in Ivanti products appeared first on Blog.

Related

hivepro 1
githubexploit 2
nuclei 1
prion 1
akamaiblog 1
cvelist 1
cve 1
nvd 1
attackerkb 1
malwarebytes 1
thn 4
nessus 2
ics 1
hivepro
hivepro
Ivanti Addresses Yet Another VPN Flaw Within a Month
2024-02-12 11:47:34
githubexploit
githubexploit
Exploit for Improper Restriction of XML External Entity Reference in Ivanti Connect Secure
2024-02-09 14:31:56
Exploit for Improper Restriction of XML External Entity Reference in Ivanti Connect Secure
2024-02-10 06:23:44
nuclei
nuclei
Ivanti Connect Secure - XXE
2024-02-09 07:59:13
prion
prion
Xxe
2024-02-13 04:15:00
akamaiblog
akamaiblog
Scanning Activity for CVE-2024-22024 (XXE) Vulnerability in Ivanti
2024-02-14 06:00:00
cvelist
cvelist
CVE-2024-22024
2024-02-13 04:07:04
cve
cve
CVE-2024-22024
2024-02-13 04:15:07
nvd
nvd
CVE-2024-22024
2024-02-13 04:15:07
attackerkb
attackerkb
CVE-2024-22024
2024-02-13 00:00:00
malwarebytes
malwarebytes
Ivanti urges customers to patch yet another critical vulnerability
2024-02-09 18:13:42
thn
thn
Ivanti Pulse Secure Found Using 11-Year-Old Linux Version and Outdated Libraries
2024-02-15 14:20:00
Warning: New Ivanti Auth Bypass Flaw Affects Connect Secure and ZTA Gateways
2024-02-09 03:35:00
Five Eyes Agencies Warn of Active Exploitation of Ivanti Gateway Vulnerabilities
2024-03-01 06:26:00
nessus
nessus
Ivanti Policy Secure 9.x / 22.x Multiple Vulnerabilities
2024-02-09 00:00:00
Ivanti Connect Secure 9.x / 22.x Multiple Vulnerabilities
2024-01-10 00:00:00
ics
ics
Threat Actors Exploit Multiple Vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways
2024-02-29 12:00:00

AI Score

7.3

Confidence

Low

EPSS

0.004

Percentile

74.6%

JSON
Related for IMPERVABLOG:6B12A585C1DFC031FA2D96AC0F426A5F
hivepro1githubexploit2nuclei1prion1akamaiblog1cvelist1cve1nvd1attackerkb1malwarebytes1thn4nessus2ics1