Cve 2024 22243

Cve 2024 22243. Nvd assessment not yet provided. Spring web vulnerable to open redirect or server side request forgery.


Cve 2024 22243

Ivanti has released security updates to address vulnerabilities in all supported versions (9.x and 22.x) of ivanti connect secure and policy secure. Spring framework flaw opens doors to redirects and ssrf attacks.

Spring Framework Url Parsing With Host Validation, Deserialization Of Untrusted Data In Apache Mina, Apache Commons Fileupload Dos Issue In Esapi.jar,.

Under certain conditions, an attacker might be able to trigger an open redirect.

High Severity Github Reviewed Published On Feb 22 To The Github Advisory.

Nvd assessment not yet provided.

Is There Any Impact On Ase Or Exposure To This Issue In Ase From This Cve?

Images References :

5.3.X Users Should Upgrade To 5.3.32;

Under certain conditions, an attacker might be able to trigger an open redirect.

Applications That Use Uricomponentsbuilder To Parse An Externally Provided Url (E.g.

Is there any impact on ase or exposure to this issue in ase from this cve?

Ivanti Has Released Security Updates To Address Vulnerabilities In All Supported Versions (9.X And 22.X) Of Ivanti Connect Secure And Policy Secure.