Security News > 2024 > December > Ivanti Issues Critical Security Updates for CSA and Connect Secure Vulnerabilities

Ivanti Issues Critical Security Updates for CSA and Connect Secure Vulnerabilities
2024-12-11 02:59

Ivanti has released security updates to address multiple critical flaws in its Cloud Services Application (CSA) and Connect Secure products that could lead to privilege escalation and code execution. The list of vulnerabilities is as follows - CVE-2024-11639 (CVSS score: 10.0) - An authentication bypass vulnerability in the admin web console of Ivanti CSA before 5.0.3 that allows a remote


News URL

https://thehackernews.com/2024/12/ivanti-issues-critical-security-updates.html

Related news

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2024-12-10 CVE-2024-11639 Missing Authentication for Critical Function vulnerability in Ivanti Cloud Services Appliance 4.5/4.6/5.0
An authentication bypass in the admin web console of Ivanti CSA before 5.0.3 allows a remote unauthenticated attacker to gain administrative access
network
low complexity
ivanti CWE-306
critical
 9.8
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Ivanti 29 1 62 215 85 363