Security News > 2024 > September > Critical Ivanti Cloud Appliance Vulnerability Exploited in Active Cyberattacks

Critical Ivanti Cloud Appliance Vulnerability Exploited in Active Cyberattacks
2024-09-20 04:18

Ivanti has revealed that a critical security flaw impacting Cloud Service Appliance (CSA) has come under active exploitation in the wild. The new vulnerability, assigned the CVE identifier CVE-2024-8963, carries a CVSS score of 9.4 out of a maximum of 10.0. It was "incidentally addressed" by the company as part of CSA 4.6 Patch 519 and CSA 5.0. "Path Traversal in the Ivanti CSA before 4.6 Patch


News URL

https://thehackernews.com/2024/09/critical-ivanti-cloud-appliance.html

Related news

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2024-09-19 CVE-2024-8963 Path Traversal vulnerability in Ivanti Endpoint Manager Cloud Services Appliance 4.6
Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to access restricted functionality.
network
low complexity
ivanti CWE-22
critical
 9.1
9.1

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Ivanti 27 0 51 157 75 283