A heap overflow vulnerability in IPSec component of...
High severity
Unreviewed
Published
Apr 5, 2024
to the GitHub Advisory Database
•
Updated Oct 4, 2024
Description
Published by the National Vulnerability Database
Apr 4, 2024
Published to the GitHub Advisory Database
Apr 5, 2024
Last updated
Oct 4, 2024
A heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack. In certain conditions this may lead to execution of arbitrary code
References