Vulnerabilities related to ivanti - cloud_services_appliance
cve-2024-11772
Vulnerability from cvelistv5
Published: 2024-12-10 18:55
Modified: 2024-12-14 04:55
Summary
Command injection in the admin web console of Ivanti CSA before version 5.0.3 allows a remote authenticated attacker with admin privileges to achieve remote code execution.
Impacted products
Vendor | Product | Version
---|---|---
Ivanti | Cloud Services Application | Patch: 5.0.3
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-11772", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-12-13T00:00:00+00:00", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-14T04:55:12.912Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "affected", product: "Cloud Services Application", vendor: "Ivanti", versions: [ { status: "unaffected", version: "5.0.3", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">Command injection in the admin web console of Ivanti CSA before version 5.0.3 allows a remote authenticated attacker with admin privileges to achieve remote code execution.</span><span style=\"background-color: rgb(255, 255, 255);\"> </span>", }, ], value: "Command injection in the admin web console of Ivanti CSA before version 5.0.3 allows a remote authenticated attacker with admin privileges to achieve remote code execution.", }, ], impacts: [ { capecId: "CAPEC-88", descriptions: [ { lang: "en", value: "CAPEC-88 OS Command Injection", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { 
dateUpdated: "2024-12-10T18:55:44.312Z", orgId: "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", shortName: "ivanti", }, references: [ { url: "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Cloud-Services-Application-CSA-CVE-2024-11639-CVE-2024-11772-CVE-2024-11773", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", assignerShortName: "ivanti", cveId: "CVE-2024-11772", datePublished: "2024-12-10T18:55:44.312Z", dateReserved: "2024-11-26T15:22:18.641Z", dateUpdated: "2024-12-14T04:55:12.912Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-8190
Vulnerability from cvelistv5
Published: 2024-09-10 20:33
Modified: 2024-09-16 13:24
Summary
An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518 and before allows a remote authenticated attacker to obtain remote code execution. The attacker must have admin level privileges to exploit this vulnerability.
Impacted products
Vendor | Product | Version
---|---|---
Ivanti | CSA (Cloud Services Appliance) | Patch: 4.6 Patch 519; Patch: 5.0
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:ivanti:endpoint_manager_cloud_services_appliance:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "endpoint_manager_cloud_services_appliance", vendor: "ivanti", versions: [ { lessThan: "5.0", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-8190", options: [ { Exploitation: "active", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-09-13T00:00:00+00:00", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2024-09-13", reference: "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json", }, type: "kev", }, }, ], providerMetadata: { dateUpdated: "2024-09-14T03:55:55.448Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, timeline: [ { lang: "en", time: "2024-09-13T00:00:00+00:00", value: "CVE-2024-8190 added to CISA KEV", }, ], title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-09-16T13:24:41.628Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { url: "https://www.cisa.gov/news-events/alerts/2024/09/13/ivanti-releases-security-update-cloud-services-appliance", }, ], title: "CVE Program Container", x_generator: { engine: "ADPogram 0.0.1", }, }, ], cna: { affected: [ { defaultStatus: "affected", product: "CSA (Cloud Services Appliance)", vendor: "Ivanti", versions: [ { status: "unaffected", version: "4.6 Patch 519", versionType: "custom", }, { status: "unaffected", version: "5.0", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518 and before allows a remote authenticated attacker to obtain remote code execution. 
The attacker must have admin level privileges to exploit this vulnerability.", }, ], value: "An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518 and before allows a remote authenticated attacker to obtain remote code execution. The attacker must have admin level privileges to exploit this vulnerability.", }, ], impacts: [ { capecId: "CAPEC-88", descriptions: [ { lang: "en", value: "CAPEC-88 OS Command Injection", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-78", description: "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-10T20:33:44.793Z", orgId: "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", shortName: "ivanti", }, references: [ { url: "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Cloud-Service-Appliance-CSA-CVE-2024-8190", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", assignerShortName: "ivanti", cveId: "CVE-2024-8190", datePublished: "2024-09-10T20:33:44.793Z", dateReserved: "2024-08-26T19:12:19.826Z", dateUpdated: "2024-09-16T13:24:41.628Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-11773
Vulnerability from cvelistv5
Published: 2024-12-10 18:56
Modified: 2024-12-14 04:55
Summary
SQL injection in the admin web console of Ivanti CSA before version 5.0.3 allows a remote authenticated attacker with admin privileges to run arbitrary SQL statements.
Impacted products
Vendor | Product | Version
---|---|---
Ivanti | Cloud Services Application | Patch: 5.0.3
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-11773", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-12-13T00:00:00+00:00", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-14T04:55:14.186Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "affected", product: "Cloud Services Application", vendor: "Ivanti", versions: [ { status: "unaffected", version: "5.0.3", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">SQL injection in the admin web console of Ivanti CSA before version 5.0.</span><span style=\"background-color: transparent;\">3 allows a r</span><span style=\"background-color: rgb(255, 255, 255);\">emote authenticated attacker with admin privileges to run arbitrary SQL statements.</span><span style=\"background-color: rgb(255, 255, 255);\"> </span>", }, ], value: "SQL injection in the admin web console of Ivanti CSA before version 5.0.3 allows a remote authenticated attacker with admin privileges to run arbitrary SQL statements.", }, ], impacts: [ { capecId: "CAPEC-66", descriptions: [ { lang: "en", value: "CAPEC-66 SQL Injection", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-89", description: "CWE-89 Improper Neutralization of Special Elements 
used in an SQL Command ('SQL Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-12-10T18:56:08.742Z", orgId: "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", shortName: "ivanti", }, references: [ { url: "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Cloud-Services-Application-CSA-CVE-2024-11639-CVE-2024-11772-CVE-2024-11773", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", assignerShortName: "ivanti", cveId: "CVE-2024-11773", datePublished: "2024-12-10T18:56:08.742Z", dateReserved: "2024-11-26T15:22:21.265Z", dateUpdated: "2024-12-14T04:55:14.186Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-11639
Vulnerability from cvelistv5
Published: 2024-12-10 18:54
Modified: 2024-12-14 04:55
Summary
An authentication bypass in the admin web console of Ivanti CSA before 5.0.3 allows a remote unauthenticated attacker to gain administrative access
Impacted products
Vendor | Product | Version
---|---|---
Ivanti | Cloud Services Application | Patch: 5.0.3
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-11639", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-12-13T00:00:00+00:00", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-14T04:55:11.739Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "affected", product: "Cloud Services Application", vendor: "Ivanti", versions: [ { status: "unaffected", version: "5.0.3", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">An authentication bypass in the admin web console of Ivanti CSA before 5.0.3 allows a remote unauthenticated attacker to gain administrative access</span><span style=\"background-color: rgb(255, 255, 255);\"> </span>", }, ], value: "An authentication bypass in the admin web console of Ivanti CSA before 5.0.3 allows a remote unauthenticated attacker to gain administrative access", }, ], impacts: [ { capecId: "CAPEC-115", descriptions: [ { lang: "en", value: "CAPEC-115 Authentication Bypass", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 10, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-288", description: "CWE-288: Authentication Bypass Using an Alternate Path or Channel", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-12-10T18:54:43.368Z", orgId: 
"3c1d8aa1-5a33-4ea4-8992-aadd6440af75", shortName: "ivanti", }, references: [ { url: "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Cloud-Services-Application-CSA-CVE-2024-11639-CVE-2024-11772-CVE-2024-11773", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", assignerShortName: "ivanti", cveId: "CVE-2024-11639", datePublished: "2024-12-10T18:54:43.368Z", dateReserved: "2024-11-22T18:45:24.957Z", dateUpdated: "2024-12-14T04:55:11.739Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-47908
Vulnerability from cvelistv5
Published: 2025-02-11 15:18
Modified: 2025-02-13 04:55
Summary
OS command injection in the admin web console of Ivanti CSA before version 5.0.5 allows a remote authenticated attacker with admin privileges to achieve remote code execution.
Impacted products
Vendor | Product | Version
---|---|---
Ivanti | Cloud Services Application | Patch: 5.0.5
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-47908", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-12T00:00:00+00:00", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-02-13T04:55:12.278Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "affected", product: "Cloud Services Application", vendor: "Ivanti", versions: [ { status: "unaffected", version: "5.0.5", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">OS command injection in the admin web console of Ivanti CSA before version 5.0.5</span> <span style=\"background-color: transparent;\">allows a </span><span style=\"background-color: rgb(255, 255, 255);\">remote authenticated attacker with admin privileges to achieve remote code execution.</span><span style=\"background-color: rgb(255, 255, 255);\"> </span>", }, ], value: "OS command injection in the admin web console of Ivanti CSA before version 5.0.5 allows a remote authenticated attacker with admin privileges to achieve remote code execution.", }, ], impacts: [ { capecId: "CAPEC-88", descriptions: [ { lang: "en", value: "CAPEC-88 OS Command Injection", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-78", description: "CWE-78 Improper 
Neutralization of Special Elements used in an OS Command ('OS Command Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-11T15:18:49.425Z", orgId: "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", shortName: "ivanti", }, references: [ { url: "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Cloud-Services-Application-CSA-CVE-2024-47908-CVE-2024-11771", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", assignerShortName: "ivanti", cveId: "CVE-2024-47908", datePublished: "2025-02-11T15:18:49.425Z", dateReserved: "2024-10-04T19:25:07.890Z", dateUpdated: "2025-02-13T04:55:12.278Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published: 2024-12-10 19:15
Modified: 2025-01-17 19:41
Severity
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
SQL injection in the admin web console of Ivanti CSA before version 5.0.3 allows a remote authenticated attacker with admin privileges to run arbitrary SQL statements.
Impacted products
Vendor | Product | Version
---|---|---
ivanti | cloud_services_appliance | *
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ivanti:cloud_services_appliance:*:*:*:*:*:*:*:*", matchCriteriaId: "60628283-69C1-4274-9BC8-5C2B91A7AA6E", versionEndExcluding: "5.0.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SQL injection in the admin web console of Ivanti CSA before version 5.0.3 allows a remote authenticated attacker with admin privileges to run arbitrary SQL statements.", }, { lang: "es", value: "La inyección SQL en la consola web de administración de Ivanti CSA anterior a la versión 5.0.3 permite que un atacante remoto autenticado con privilegios de administrador ejecute sentencias SQL arbitrarias.", }, ], id: "CVE-2024-11773", lastModified: "2025-01-17T19:41:50.450", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 6, source: "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-12-10T19:15:19.943", references: [ { source: "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", tags: [ "Vendor Advisory", ], url: "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Cloud-Services-Application-CSA-CVE-2024-11639-CVE-2024-11772-CVE-2024-11773", }, ], 
sourceIdentifier: "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-89", }, ], source: "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-89", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published: 2024-09-10 21:15
Modified: 2024-11-26 19:55
Severity
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518 and before allows a remote authenticated attacker to obtain remote code execution. The attacker must have admin level privileges to exploit this vulnerability.
Impacted products
Vendor | Product | Version
---|---|---
ivanti | cloud_services_appliance | 4.6
ivanti | cloud_services_appliance | 4.6
{ cisaActionDue: "2024-10-04", cisaExploitAdd: "2024-09-13", cisaRequiredAction: "As Ivanti CSA has reached End-of-Life status, users are urged to remove CSA 4.6.x from service or upgrade to the 5.0.x line of supported solutions, as future vulnerabilities on the 4.6.x version of CSA are unlikely to receive future security updates.", cisaVulnerabilityName: "Ivanti Cloud Services Appliance OS Command Injection Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ivanti:cloud_services_appliance:4.6:-:*:*:*:*:*:*", matchCriteriaId: "3B63CA83-3DB3-4670-878E-17A54586B25E", vulnerable: true, }, { criteria: "cpe:2.3:a:ivanti:cloud_services_appliance:4.6:patch_518:*:*:*:*:*:*", matchCriteriaId: "61C0BF44-691D-4811-BE9E-FB9B6CC856B9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518 and before allows a remote authenticated attacker to obtain remote code execution. The attacker must have admin level privileges to exploit this vulnerability.", }, { lang: "es", value: "Una vulnerabilidad de inyección de comandos del sistema operativo en las versiones 4.6, parche 518 y anteriores de Ivanti Cloud Services Appliance permite que un atacante autenticado de forma remota obtenga la ejecución remota de código. 
El atacante debe tener privilegios de nivel de administrador para aprovechar esta vulnerabilidad.", }, ], id: "CVE-2024-8190", lastModified: "2024-11-26T19:55:46.433", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-09-10T21:15:14.697", references: [ { source: "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", tags: [ "Vendor Advisory", ], url: "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Cloud-Service-Appliance-CSA-CVE-2024-8190", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.cisa.gov/news-events/alerts/2024/09/13/ivanti-releases-security-update-cloud-services-appliance", }, ], sourceIdentifier: "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published: 2024-12-10 19:15
Modified: 2025-01-17 19:40
Severity
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Command injection in the admin web console of Ivanti CSA before version 5.0.3 allows a remote authenticated attacker with admin privileges to achieve remote code execution.
Impacted products
Vendor | Product | Version
---|---|---
ivanti | cloud_services_appliance | *
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ivanti:cloud_services_appliance:*:*:*:*:*:*:*:*", matchCriteriaId: "60628283-69C1-4274-9BC8-5C2B91A7AA6E", versionEndExcluding: "5.0.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Command injection in the admin web console of Ivanti CSA before version 5.0.3 allows a remote authenticated attacker with admin privileges to achieve remote code execution.", }, { lang: "es", value: "La inyección de comandos en la consola web de administración de Ivanti CSA anterior a la versión 5.0.3 permite que un atacante remoto autenticado con privilegios de administrador logre la ejecución remota de código.", }, ], id: "CVE-2024-11772", lastModified: "2025-01-17T19:40:52.337", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 6, source: "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-12-10T19:15:19.817", references: [ { source: "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", tags: [ "Vendor Advisory", ], url: 
"https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Cloud-Services-Application-CSA-CVE-2024-11639-CVE-2024-11772-CVE-2024-11773", }, ], sourceIdentifier: "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published: 2024-12-10 19:15
Modified: 2025-01-17 19:40
Severity
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
An authentication bypass in the admin web console of Ivanti CSA before 5.0.3 allows a remote unauthenticated attacker to gain administrative access
Impacted products
Vendor | Product | Version
---|---|---
ivanti | cloud_services_appliance | *
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ivanti:cloud_services_appliance:*:*:*:*:*:*:*:*", matchCriteriaId: "60628283-69C1-4274-9BC8-5C2B91A7AA6E", versionEndExcluding: "5.0.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An authentication bypass in the admin web console of Ivanti CSA before 5.0.3 allows a remote unauthenticated attacker to gain administrative access", }, { lang: "es", value: "Una omisión de autenticación en la consola web de administración de Ivanti CSA anterior a la versión 5.0.3 permite que un atacante remoto no autenticado obtenga acceso administrativo", }, ], id: "CVE-2024-11639", lastModified: "2025-01-17T19:40:09.763", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 10, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 6, source: "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-12-10T19:15:19.690", references: [ { source: "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", tags: [ "Vendor Advisory", ], url: "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Cloud-Services-Application-CSA-CVE-2024-11639-CVE-2024-11772-CVE-2024-11773", }, ], sourceIdentifier: 
"3c1d8aa1-5a33-4ea4-8992-aadd6440af75", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-288", }, ], source: "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-306", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published: 2025-02-11 16:15
Modified: 2025-02-20 15:57
Severity
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
OS command injection in the admin web console of Ivanti CSA before version 5.0.5 allows a remote authenticated attacker with admin privileges to achieve remote code execution.
Impacted products
Vendor | Product | Version
---|---|---
ivanti | cloud_services_appliance | *
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ivanti:cloud_services_appliance:*:*:*:*:*:*:*:*", matchCriteriaId: "7E3F8B56-228C-4AE0-9521-16EA5FC3463E", versionEndExcluding: "5.0.5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "OS command injection in the admin web console of Ivanti CSA before version 5.0.5 allows a remote authenticated attacker with admin privileges to achieve remote code execution.", }, { lang: "es", value: "La inyección de comandos del sistema operativo en la consola web de administración de Ivanti CSA anterior a la versión 5.0.5 permite que un atacante remoto autenticado con privilegios de administrador logre la ejecución remota de código.", }, ], id: "CVE-2024-47908", lastModified: "2025-02-20T15:57:06.850", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 6, source: "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2025-02-11T16:15:40.247", references: [ { source: "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", tags: [ "Vendor Advisory", ], url: 
"https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Cloud-Services-Application-CSA-CVE-2024-47908-CVE-2024-11771", }, ], sourceIdentifier: "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", type: "Primary", }, ], }