{"id":1141511,"date":"2024-02-09T19:29:26","date_gmt":"2024-02-09T21:29:26","guid":{"rendered":"https:\/\/teknomers.com\/fr\/avertissement-la-nouvelle-faille-ivanti-auth-bypass-affecte-les-passerelles-connect-secure-et-zta\/"},"modified":"2024-02-09T19:29:30","modified_gmt":"2024-02-09T21:29:30","slug":"avertissement-la-nouvelle-faille-ivanti-auth-bypass-affecte-les-passerelles-connect-secure-et-zta","status":"publish","type":"post","link":"https:\/\/teknomers.com\/fr\/avertissement-la-nouvelle-faille-ivanti-auth-bypass-affecte-les-passerelles-connect-secure-et-zta\/","title":{"rendered":"Avertissement\u00a0: la nouvelle faille Ivanti Auth Bypass affecte les passerelles Connect Secure et ZTA."},"content":{"rendered":"<p> <br \/>\n<\/p>\n<div>\n<p><span class=\"p-author\"><i class=\"icon-font icon-calendar\">\ue802<\/i><span class=\"author\">09 f\u00e9vrier 2024<\/span><i class=\"icon-font icon-user\">\ue804<\/i><span class=\"author\">R\u00e9daction<\/span><\/span><span class=\"p-tags\">Vuln\u00e9rabilit\u00e9 \/ Zero Day<\/span><\/p>\n<\/div>\n<div id=\"articlebody\">\n<div class=\"separator\" style=\"clear: both;\"><a rel=\"nofollow\" href=\"https:\/\/teknomers.com\/fr\/wp-content\/uploads\/2024\/02\/Avertissement-la-nouvelle-faille-Ivanti-Auth-Bypass-affecte-les-passerelles.jpg\" style=\"clear: left; display: block; float: left; text-align: center;\"><\/a><\/div>\n<p>Ivanti a alert\u00e9 ses clients d&#8217;une autre faille de s\u00e9curit\u00e9 de haute gravit\u00e9 dans ses appareils de passerelle Connect Secure, Policy Secure et ZTA, qui pourrait permettre aux attaquants de contourner l&#8217;authentification.<\/p>\n<p>Le probl\u00e8me, suivi comme <strong>CVE-2024-22024<\/strong>est not\u00e9 8,3 sur 10 sur le syst\u00e8me de notation CVSS.<\/p>\n<p>&#8220;Une entit\u00e9 externe XML ou une vuln\u00e9rabilit\u00e9 XXE dans le composant SAML des passerelles Ivanti Connect Secure (9.x, 22.x), Ivanti Policy Secure (9.x, 22.x) et ZTA qui permet \u00e0 un attaquant d&#8217;acc\u00e9der \u00e0 certaines ressources restreintes sans authentification&#8221;, la soci\u00e9t\u00e9 <a rel=\"nofollow noopener\" href=\"https:\/\/forums.ivanti.com\/s\/article\/CVE-2024-22024-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US\" target=\"_blank\">dit<\/a> dans un avis.<\/p>\n<p>La soci\u00e9t\u00e9 a d\u00e9clar\u00e9 avoir d\u00e9couvert la faille lors d&#8217;un examen interne dans le cadre de son enqu\u00eate en cours sur plusieurs failles de s\u00e9curit\u00e9 dans les produits r\u00e9v\u00e9l\u00e9es depuis le d\u00e9but de l&#8217;ann\u00e9e, notamment CVE-2023-46805, CVE-2024-21887, CVE. -2024-21888 et CVE-2024-21893.<\/p>\n<div class=\"check_two clear babsi\"><center class=\"cf\"><a rel=\"nofollow noopener\" href=\"https:\/\/thn.news\/tl_d2\" target=\"_blank\" title=\"Cybersecurity\"><img loading=\"lazy\" decoding=\"async\" class=\"lazyload\" alt=\"La cyber-s\u00e9curit\u00e9\" src=\"https:\/\/teknomers.com\/fr\/wp-content\/uploads\/2024\/02\/1707338666_510_La-Coalition-mondiale-et-les-geants-de-la-technologie-sunissent.jpg\" width=\"727\" height=\"90\"\/><\/a><\/center><\/div>\n<p>CVE-2024-22024 affecte les versions suivantes des produits &#8211;<\/p>\n<ul>\n<li>Ivanti Connect Secure (versions 9.1R14.4, 9.1R17.2, 9.1R18.3, 22.4R2.2 et 22.5R1.1)<\/li>\n<li>Ivanti Policy Secure (version 22.5R1.1)<\/li>\n<li>ZTA (version 22.6R1.3)<\/li>\n<\/ul>\n<p>Les correctifs pour le bogue sont disponibles dans les versions Connect Secure 9.1R14.5, 9.1R17.3, 9.1R18.4, 22.4R2.3, 22.5R1.2, 22.5R2.3 et 22.6R2.2 ;  Versions Policy Secure 9.1R17.3, 9.1R18.4 et 22.5R1.2\u00a0;  et versions ZTA 22.5R1.6, 22.6R1.5 et 22.6R1.7.<\/p>\n<p>Ivanti a d\u00e9clar\u00e9 qu&#8217;il n&#8217;y avait aucune preuve d&#8217;exploitation active de la faille, mais avec CVE-2023-46805, CVE-2024-21887 et CVE-2024-21893 faisant l&#8217;objet d&#8217;abus g\u00e9n\u00e9ralis\u00e9s, il est imp\u00e9ratif que les utilisateurs agissent rapidement pour appliquer les derniers correctifs.<\/p>\n<h3>Mise \u00e0 jour<\/h3>\n<p>La soci\u00e9t\u00e9 de cybers\u00e9curit\u00e9 watchTowr, qui a d\u00e9clar\u00e9 avoir divulgu\u00e9 CVE-2024-22024 \u00e0 Ivanti d\u00e9but f\u00e9vrier 2024, a d\u00e9clar\u00e9 que le probl\u00e8me provenait d&#8217;un correctif incorrect pour CVE-2024-21893 introduit dans la derni\u00e8re version du logiciel.<\/p>\n<p>&#8220;XXE est une introduction \u00e0 une vari\u00e9t\u00e9 d&#8217;impacts\u00a0: DOS, Local File Read et SSRF&#8221;, il <a rel=\"nofollow noopener\" href=\"https:\/\/labs.watchtowr.com\/are-we-now-part-of-ivanti\/\" target=\"_blank\">dit<\/a>.  &#8220;L&#8217;impact du SSRF d\u00e9pend clairement des protocoles disponibles.&#8221;<\/p>\n<p><\/p>\n<div class=\"cf note-b\">Vous avez trouv\u00e9 cet article int\u00e9ressant ?  Suivez-nous sur <a rel=\"nofollow noopener\" href=\"https:\/\/twitter.com\/thehackersnews\" target=\"_blank\">Twitter <i class=\"icon-font icon-twitter\">\uf099<\/i><\/a>  et <a rel=\"nofollow noopener\" href=\"https:\/\/www.linkedin.com\/company\/thehackernews\/\" target=\"_blank\">LinkedIn<\/a> pour lire plus de contenu exclusif que nous publions.<\/div>\n<\/div>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><br \/>\n<br \/><br \/>\n<br \/><a href=\"https:\/\/thehackernews.com\/2024\/02\/warning-new-ivanti-auth-bypass-flaw.html\" rel=\"nofollow noopener\" target=\"_blank\">ttn-fr-57<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>\ue80209 f\u00e9vrier 2024\ue804R\u00e9dactionVuln\u00e9rabilit\u00e9 \/ Zero Day Ivanti a alert\u00e9 ses clients d&#8217;une autre faille de s\u00e9curit\u00e9 de haute gravit\u00e9 dans ses appareils de passerelle Connect Secure, Policy Secure et ZTA, qui pourrait permettre aux attaquants de contourner l&#8217;authentification. Le probl\u00e8me, suivi comme CVE-2024-22024est not\u00e9 8,3 sur 10 sur le syst\u00e8me de notation CVSS. &#8220;Une entit\u00e9 [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":1141512,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[200292,1132,116602,4958,116603,4168,115943,4165,4161,200267,9048,175748,4159,4171,65,200271,200268,197,200269,200270,52988,78891,128318,4172,4169,4166,4164,229116],"class_list":["post-1141511","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technologie","tag-actualites-sur-la-cybersecurite","tag-affecte","tag-auth","tag-avertissement","tag-bypass","tag-comment-pirater","tag-connect","tag-cyber-attaques","tag-cyber-mises-a-jour","tag-cyberactualites","tag-faille","tag-ivanti","tag-lactualite-de-la-cybersecurite-aujourdhui","tag-lactualite-des-hackers","tag-les","tag-logiciel-malveillant-rancongiciel","tag-mises-a-jour-sur-la-cybersecurite","tag-nouvelle","tag-nouvelles-des-pirates","tag-nouvelles-sur-le-piratage","tag-passerelles","tag-secure","tag-securite-des-informations","tag-securite-informatique","tag-securite-internet","tag-violation-de-donnees","tag-vulnerabilite-logicielle","tag-zta"],"_links":{"self":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts\/1141511","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/comments?post=1141511"}],"version-history":[{"count":0,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts\/1141511\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/media\/1141512"}],"wp:attachment":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/media?parent=1141511"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/categories?post=1141511"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/tags?post=1141511"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}