1 min read

Mitigation Instructions for CVE-2024-21893

Mitigation Instructions for CVE-2024-21893

SUBJECT: Urgent Mitigation Required: Ivanti Connect Secure, Policy Secure, and Neurons for ZTA - Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-21893)

TECH STACK:  Ivanti Connect Secure (9.x, 22.x), Ivanti Policy Secure (9.x, 22.x), Ivanti Neurons for ZTA

DATE(S) ISSUED: 01/31/2024

NVD Last Modified: 01/31/2024

CRITICALITY: HIGH (CVSS score:8.2)

OVERVIEW: 

A critical Server-Side Request Forgery (SSRF) vulnerability (CVE-2024-21893) has been identified in Ivanti Connect Secure, Policy Secure, and Neurons for ZTA versions 9.x and 22.x. This vulnerability allows an attacker to access certain restricted resources without authentication, potentially compromising the entire system.

SOLUTION: 

Immediate Action:

  1. Apply the patch: Ivanti has released patches for all affected versions. Download and install the appropriate patch for your environment immediately. You can find the patches and instructions on the Ivanti support portal: https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US
  1. If patching is not possible: If patching is not possible due to downtime constraints or other reasons, disable SAML authentication until the patch can be applied. This is a temporary workaround and should only be used as a last resort.

Confirmation & Additional Information:

Additional Recommendations:

  1. Review logs for suspicious activity: After applying the patch or workaround, review your system logs for any suspicious activity that may have occurred before the mitigation was implemented.
  2. Enable additional security measures: Consider implementing additional security measures, such as web application firewalls (WAFs) and intrusion detection/prevention systems (IDS/IPS), to further protect your system from SSRF attacks.

REFERENCES:

Third Party Advisories:

General Instructions for Updating Outdated Versions of WordPress

General Instructions for Updating Outdated Versions of WordPress

Subject: Essential Maintenance: Updating WordPress to Enhance Security and Performance

Read More
Mitigation Instructions for PHP 8.2.x < 8.2.9 Multiple Vulnerabilities

Mitigation Instructions for PHP 8.2.x < 8.2.9 Multiple Vulnerabilities

Subject: Security Alert: Upgrading PHP to Version 8.2.9 or Later to Address Critical Vulnerabilities

Read More
Upgrading OpenSSL to Address Vulnerabilities

Upgrading OpenSSL to Address Vulnerabilities

Subject: Security Update Guidance: Upgrading OpenSSL to Address Vulnerabilities

Read More