CVE-2024-21887: Critical Ivanti Connect Secure Command Injection Vulnerability Advisory
Ivanti Connect Secure (ICS) and Ivanti Policy Secure contain a command injection vulnerability (CVE-2024-21887) in web components, allowing authenticated administrators to execute arbitrary commands. This is frequently chained with CVE-2023-46805 for unauthenticated access.