The vulnerabilities, tracked as CVE-2023-46805 and CVE-2024-21887 impacts Ivanti Connect Secure. Together, they allow an unauthenticated attacker to perform a RCE.
For more details, please see this article on our website :
https://www.stormshield.com/news/security-alert-cve-2023-46805-cve-2024-21887-stormshield-products-response/
Stormhield Network Security (SNS) appliance protects you from that attack, thanks to dedicated IPS signatures. To work efficiently on HTTPS traffic, it must be decrypted.
| ID | Name |
| http:80 | Path Traversal |
| http:client.97 | Exploitation of a RCE vulnerability in Ivanti Connect Secure (CVE-2024-21887) |
| http:url:decoded.423 | Exploitation of a RCE vulnerability in Ivanti Connect Secure (CVE-2024-21887) |