Ivanti Issues Critical Security Updates for CSA and Connect Secure Vulnerabilities

2024-12-11 02:59

Ivanti has released security updates to address multiple critical flaws in its Cloud Services Application (CSA) and Connect Secure products that could lead to privilege escalation and code execution. The list of vulnerabilities is as follows - CVE-2024-11639 (CVSS score: 10.0) - An authentication bypass vulnerability in the admin web console of Ivanti CSA before 5.0.3 that allows a remote

News URL

https://thehackernews.com/2024/12/ivanti-issues-critical-security-updates.html

#critical #ivanti #security #update #vulnerabilities #CVE-2024-11639

Related Vulnerability

DATE	CVE	VULNERABILITY TITLE	RISK
2024-12-10	CVE-2024-11639	Missing Authentication for Critical Function vulnerability in Ivanti Cloud Services Appliance 4.5/4.6/5.0 An authentication bypass in the admin web console of Ivanti CSA before 5.0.3 allows a remote unauthenticated attacker to gain administrative access network low complexity ivanti CWE-306 critical	9.8

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Ivanti		29	1	56	184	81	322

News URL

Related news

Related Vulnerability

Related vendor