CVE-2024-10630
HIGHDescription
A race condition in Ivanti Application Control Engine before version 10.14.4.0 allows a local authenticated attacker to bypass the application blocking functionality.
Is your site exposed to CVE-2024-10630?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| ivanti | application_control |
| ivanti | application_control |
| ivanti | application_control |
| ivanti | application_control |
| ivanti | application_control |
| ivanti | application_control |
| ivanti | application_control |
| ivanti | application_control |
| ivanti | security_controls |
References
Frequently Asked Questions
What is CVE-2024-10630? +
How severe is CVE-2024-10630? +
What products are affected by CVE-2024-10630? +
How do I check if I'm vulnerable to CVE-2024-10630? +
Related Vulnerabilities
XZ Utils provide a general-purpose data-compression library plus command-line tools. In XZ Utils 5.3.3alpha to 5.8.0, the multithreaded .xz decoder …
[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] There are multiple …
Race in DevTools in Google Chrome prior to 126.0.6478.182 allowed an attacker who convinced a user to install a malicious …
A race condition vulnerability exists in zenml-io/zenml versions up to and including 0.55.3, which allows for the creation of multiple …
An authentication bypass in the admin web console of Ivanti CSA before 5.0.3 allows a remote unauthenticated attacker to gain …
An OS Command Injection vulnerability in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated user …