Ivanti Neurons for ITSM Unrestricted File Upload via Web Component
CVE-2024-22060 Published on May 31, 2024
An unrestricted file upload vulnerability in web component of Ivanti Neurons for ITSM allows a remote, authenticated, high privileged user to write arbitrary files into sensitive directories of ITSM server.
Weakness Type
What is an Unrestricted File Upload Vulnerability?
The software allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment.
CVE-2024-22060 has been classified to as an Unrestricted File Upload vulnerability or weakness.
Products Associated with CVE-2024-22060
Want to know whenever a new CVE is published for Ivanti Neurons For Itsm? stack.watch will email you.
Affected Versions
Ivanti ITSM:- Version 2023.3, <= 2023.3 is affected.
- Version 2023.4 is affected.
- Version 2023.3 is affected.
- Version 2023.2 is affected.
- Version 2023.1 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.