Security News > 2024 > December > Ivanti Issues Critical Security Updates for CSA and Connect Secure Vulnerabilities
2024-12-11 02:59
Ivanti has released security updates to address multiple critical flaws in its Cloud Services Application (CSA) and Connect Secure products that could lead to privilege escalation and code execution. The list of vulnerabilities is as follows - CVE-2024-11639 (CVSS score: 10.0) - An authentication bypass vulnerability in the admin web console of Ivanti CSA before 5.0.3 that allows a remote
News URL
https://thehackernews.com/2024/12/ivanti-issues-critical-security-updates.html
Related news
- HPE Issues Critical Security Patches for Aruba Access Point Vulnerabilities (source)
- Patch Tuesday: Four Critical Vulnerabilities Paved Over (source)
- Critical vulnerabilities persist in high-risk sectors (source)
- Microsoft pulls Exchange security updates over mail delivery issues (source)
- Major security audit of critical FreeBSD components now available (source)
- AlmaLinux 9.5 released: Security updates, new packages, and more! (source)
- Apple Releases Urgent Updates to Patch Actively Exploited Zero-Day Vulnerabilities (source)
- Decades-Old Security Vulnerabilities Found in Ubuntu's Needrestart Package (source)
- Oracle Linux 9 Update 5 brings security updates, OpenJDK 17, .NET 9.0 (source)
- Wireshark 4.4.2: Security updates, bug fixes, updated protocol support (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-10 | CVE-2024-11639 | An authentication bypass in the admin web console of Ivanti CSA before 5.0.3 allows a remote unauthenticated attacker to gain administrative access | 0.0 |