CVE-2024-13813

Insufficient permissions in Ivanti Secure Access Client before version 22.8R1 allows a local authenticated attacker to delete arbitrary files.

CVSS v3 : HIGH

Vector :

Exploitability : 1.8 / Impact : 5.2

References

Link	Resource
https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:ivanti:secure_access_client:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2025-02-11 16:15

Updated : 2025-02-20 15:56

NVD link : CVE-2024-13813

Mitre link : CVE-2024-13813

CVE.ORG link : CVE-2024-13813

JSON object : View

Products Affected

ivanti

CWE

CWE-732

Incorrect Permission Assignment for Critical Resource