CVE-2024-9842

Low

Incorrect permissions in Ivanti Secure Access Client before version 22.7R4 allows a local authenticated attacker to create arbitrary…

ivanti·CWE-267·Published 2024-11-12

CVSS

3.3

EPSS

0.00

KEV

Exploits

cve.orgen

141 chars

Incorrect permissions in Ivanti Secure Access Client before version 22.7R4 allows a local authenticated attacker to create arbitrary folders.

NVDen

141 chars

Incorrect permissions in Ivanti Secure Access Client before version 22.7R4 allows a local authenticated attacker to create arbitrary folders.

Los permisos incorrectos en Ivanti Secure Access Client anteriores a la versión 22.7R4 permiten que un atacante autenticado local cree carpetas arbitrarias.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	7.3	—	—	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H
3.1	Primary	NVD	3.3	1.8	1.4	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
3.1	Secondary	NVD	7.3	2.0	4.7	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H