History: Sep 19, 2024 - 6:15 p.m.

CVE-2024-8963

2024-09-19 18:15:10
CWE-22
ivanti
web.nvd.nist.gov
In Wild
path traversal
ivanti csa
remote attacker

CVSS3: 9.4

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

AI Score: 7.2
Confidence: Low

EPSS: 0.631
Percentile: 97.9%

Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to access restricted functionality.

CNA Affected

[
  {
    "defaultStatus": "affected",
    "product": "CSA (Cloud Services Appliance)",
    "vendor": "Ivanti",
    "versions": [
      {
        "status": "unaffected",
        "version": "4.6 Patch 519",
        "versionType": "custom"
      },
      {
        "status": "unaffected",
        "version": "5.0",
        "versionType": "custom"
      }
    ]
  }
]
