CyberSec.Space Logo
Back to CVE Browser

CVE-2024-7593

Known Exploited (CISA KEV)CRITICAL
9.8
CVSS Severity Score
EPSS Score42.4230%
EPSS Percentile91.65th
PublishedAug 13, 2024
Last ModifiedJun 5, 2026

Vulnerability Description

Incorrect implementation of an authentication algorithm in Ivanti vTM other than versions 22.2R1 or 22.7R2 allows a remote unauthenticated attacker to bypass authentication of the admin panel.

Affected Platforms (CPE)

πŸ“¦
Ivanti

Virtual Traffic Manager

= 22.2
πŸ“¦
Ivanti

Virtual Traffic Manager

= 22.3
πŸ“¦
Ivanti

Virtual Traffic Manager

= 22.3
πŸ“¦
Ivanti

Virtual Traffic Manager

= 22.5
πŸ“¦
Ivanti

Virtual Traffic Manager

= 22.6
πŸ“¦
Ivanti

Virtual Traffic Manager

= 22.7

References & Advisories

πŸ”— https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Virtual-Traffic-Manager-vTM-CVE-2024-7593
πŸ”— https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-7593

Related Vulnerabilities

CVE-2007-541910.0

The 3Com 3CRWER100-75 router with 1.2.10ww software, when enabling an optional virtual server, configures this server to accept al...

CVE-2016-50229.8

F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6....

CVE-2021-229919.8

On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, and 12.1.x before...

CVE-2021-16018.3

Multiple vulnerabilities in Cisco Intersight Virtual Appliance could allow an unauthenticated, adjacent attacker to access sensiti...