High
CVSS 7.5
Overview
An out-of-bounds write in IPsec of Ivanti Connect Secure before version 22.7R2.1(Not Applicable to 9.1Rx) allows a remote unauthenticated attacker to cause a denial of service.
CVE-2024-38649
An out-of-bounds write in IPsec of Ivanti Connect Secure before version 22.7R2.1...
Risk analysis
This vulnerability is rated 🟠 HIGH.
- CVSS: 7.5 (HIGH)
- Detected tags: dos, oob_write, unauth_access (tag impact: HIGH)
Recommended actions:
- Rate limiting, resource quotas and circuit breakers.
- Enforce authentication/authorization; reduce default endpoint exposure.