Skip to main content

CVE-2023-2024

Description

Improper authentication in OpenBlue Enterprise Manager Data Collector versions prior to 3.2.5.75 allow access to an unauthorized user under certain circumstances.

NVD
Severity: HIGH
CVE ID: CVE-2023-2024
CVSS Score: 7.5
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Johnson Controls
Severity: CRITICAL
CVE ID: CVE-2023-2024
CVSS Score: 10.0
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N

Refrence: NVDMITRE

Proof Of Concept

team890

For Aina

Refrence: GitHub

Content on GitHub

W01fh4cker | watchers:118

CVE-2024-27198-RCE
CVE-2024-27198 & CVE-2024-27199 Authentication Bypass --> RCE in JetBrains TeamCity Pre-2023.11.4

Refrence: GitHub

dinosn | watchers:42

CVE-2024-20931
CVE-2024-20931, this is the bypass of the patch of CVE-2023-21839

Refrence: GitHub

duy-31 | watchers:15

CVE-2023-46805_CVE-2024-21887
An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks.

Refrence: GitHub

seajaysec | watchers:12

Ivanti-Connect-Around-Scan
Mitigation validation utility for the Ivanti Connect Around attack chain. Runs multiple checks. CVE-2023-46805, CVE-2024-21887.

Refrence: GitHub

raminkarimkhani1996 | watchers:3

CVE-2023-46805_CVE-2024-21887
The script in this repository only checks whether the vulnerabilities specified in the Ivanti Connect Secure product exist.

Refrence: GitHub

actuator | watchers:0

yi
CVE-2023-47882 | CVE-2024-23727

Refrence: GitHub

mickdec | watchers:0

CVE-2023-46805_CVE-2024-21887_scan_grouped

Refrence: GitHub

Last updated on by Vulnerability_bot_v1.3.8