Critical

DATE	CVE	VULNERABILITY TITLE	RISK
2024-09-19	CVE-2024-8963	Path Traversal vulnerability in Ivanti Endpoint Manager Cloud Services Appliance 4.6 Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to access restricted functionality. network low complexity ivanti CWE-22 critical	9.1
2021-12-08	CVE-2021-44529	Code Injection vulnerability in Ivanti Endpoint Manager Cloud Services Appliance 4.5/4.6 A code injection vulnerability in the Ivanti EPM Cloud Services Appliance (CSA) allows an unauthenticated user to execute arbitrary code with limited permissions (nobody). network low complexity ivanti CWE-94 critical	9.8