{"uuid": "6074befc-c3b6-46b5-adf4-5fb3874ba0e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21888", "type": "exploited", "source": "https://t.me/KomunitiSiber/1423", "content": "Alert: Ivanti Discloses 2 New Zero-Day Flaws, One Under Active Exploitation\nhttps://thehackernews.com/2024/01/alert-ivanti-discloses-2-new-zero-day.html\n\nIvanti is alerting of two new high-severity flaws in its Connect Secure and Policy Secure products, one of which is said to have come under targeted exploitation in the wild.\nThe list of vulnerabilities is as follows -\n\nCVE-2024-21888\u00a0(CVSS score: 8.8) - A privilege escalation vulnerability in the web component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows", "creation_timestamp": "2024-01-31T15:40:50.000000Z"}