SSRF in Ivanti Connect Secure, Policy Secure and Neurons (CVE-2024-21893)
Description
A Server-Side Request Forgery (SSRF) vulnerability exists in Ivanti Connect Secure, Policy Secure, and Neurons products. This flaw allows an attacker to make the server issue unauthorized requests to internal or external resources. Critically, this vulnerability can be chained with CVE-2023-46805 (authentication bypass) and CVE-2024-21887 (remote code execution) to achieve complete system compromise without authentication.
Remediation
Apply security patches immediately by upgrading to the latest patched versions of Ivanti Connect Secure, Policy Secure, and Neurons as specified in Ivanti's security advisories. Follow these steps:
1. Review Ivanti's official security bulletin for CVE-2024-21893 to identify the minimum patched version for your product
2. Schedule a maintenance window and create system backups before patching
3. Download and install the latest security updates from Ivanti's support portal
4. Verify the patch installation and confirm the version number post-upgrade
5. Review system logs for any signs of prior exploitation
6. If immediate patching is not possible, implement network-level restrictions to limit access to the affected systems to trusted IP addresses only as a temporary mitigation
Consult Ivanti's official security advisories for product-specific upgrade instructions and additional hardening recommendations.
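Steps 1 and 4 above amount to comparing each appliance's running version against the minimum patched version for its release branch. The following is an added example (not Ivanti's code or tooling) that does that comparison across an inventory; it assumes Ivanti's "major.minorRrelease[.patch]" version form (e.g. 22.5R2.2), and the MIN_PATCHED table holds placeholder values that must be replaced with the versions from Ivanti's bulletin for CVE-2024-21893.

```python
import re
from typing import Optional, Tuple

# Added example, not Ivanti's code. Version strings are assumed to follow
# Ivanti's "major.minorRrelease[.patch]" form, e.g. 22.5R2.2 or 9.1R18.3.
VERSION_RE = re.compile(r"^(\d+)\.(\d+)R(\d+)(?:\.(\d+))?$")

# PLACEHOLDER table: release branch -> minimum patched version. Fill it from
# Ivanti's bulletin for CVE-2024-21893; the values here are not real fixes.
MIN_PATCHED = {
    "9.1": "9.1R99.0",
    "22.5": "22.5R99.0",
}


def parse_version(text: str) -> Tuple[int, int, int, int]:
    """Turn '22.5R2.2' into (22, 5, 2, 2); a missing patch field counts as 0."""
    m = VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, release, patch = m.groups()
    return (int(major), int(minor), int(release), int(patch or 0))


def is_patched(running: str, table=MIN_PATCHED) -> Optional[bool]:
    """True when the running version is at or above its branch minimum,
    False when below, None when the branch is not in the table (not safe:
    an unlisted branch must be checked against the bulletin by hand)."""
    major, minor, _, _ = parse_version(running)
    minimum = table.get(f"{major}.{minor}")
    if minimum is None:
        return None
    return parse_version(running) >= parse_version(minimum)


def triage(inventory, table=MIN_PATCHED):
    """Map each (host, version) pair to 'patched', 'needs-upgrade' or 'unknown-branch'."""
    labels = {True: "patched", False: "needs-upgrade", None: "unknown-branch"}
    return {host: labels[is_patched(version, table)] for host, version in inventory}


if __name__ == "__main__":
    # Constructed inventory for demonstration; not real hosts or versions.
    sample = [("vpn-1", "22.5R2.2"), ("vpn-2", "9.1R18.3"), ("vpn-3", "22.3R1")]
    for host, status in triage(sample).items():
        print(f"{host}: {status}")
```

A branch missing from the table is reported as "unknown-branch" rather than "patched", so an appliance on an unlisted release line is never silently treated as fixed.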