Exploit for Ivanti SAML Server-Side Request Forgery (SSRF) (CVE-2024-21893)

Description:

A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x), Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication.

Nuclei Template

View the template: CVE-2024-21893.yaml

Validate with Nuclei

With $URL set to the base URL of the host to check:

    echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2024/CVE-2024-21893.yaml

References:

https://nvd.nist.gov/vuln/detail/CVE-2024-21893
https://www.assetnote.io/resources/research/ivantis-pulse-connect-secure-auth-bypass-round-two
https://github.com/Chocapikk/CVE-2024-21893-to-CVE-2024-21887
https://attackerkb.com/topics/FGlK1TVnB2/cve-2024-21893/rapid7-analysis
https://github.com/advisories/GHSA-5rr9-mqhj-7cr2
https://github.com/Ostorlab/KEV