160 matches found
CVE-2024-8963
Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to access restricted functionality...
Ivanti CSA SQL Injection Vulnerability
Ivanti CSA is a locally deployed virtual appliance from Ivanti that is designed to simplify the integration of IT service management with cloud services and support automated processes to improve operational efficiency. Ivanti CSA suffers from a SQL injection vulnerability that can be exploited b...
Ivanti CSA Code Execution Vulnerability
Ivanti CSA is a locally deployed virtual appliance from Ivanti, primarily designed to simplify the integration of IT service management with cloud services and to support the automation of IT processes to improve operational efficiency. A code execution vulnerability exists in Ivanti CSA, which c...
Ivanti CSA Authentication Bypass Vulnerability
Ivanti CSA is a locally deployed virtual appliance from Ivanti, primarily designed to simplify the integration of IT service management with cloud services and to support the automation of IT processes to improve operational efficiency. An authentication bypass vulnerability exists in Ivanti CSA,...
CVE-2024-11639
An authentication bypass in the admin web console of Ivanti CSA before 5.0.3 allows a remote unauthenticated attacker to gain administrative access...
CVE-2024-11772
Command injection in the admin web console of Ivanti CSA before version 5.0.3 allows a remote authenticated attacker with admin privileges to achieve remote code execution...
CVE-2024-11773
SQL injection in the admin web console of Ivanti CSA before version 5.0.3 allows a remote authenticated attacker with admin privileges to run arbitrary SQL statements...
CVE-2024-11639
An authentication bypass in the admin web console of Ivanti CSA before 5.0.3 allows a remote unauthenticated attacker to gain administrative access...
CVE-2024-11773
SQL injection in the admin web console of Ivanti CSA before version 5.0.3 allows a remote authenticated attacker with admin privileges to run arbitrary SQL statements...
CVE-2024-11772
Command injection in the admin web console of Ivanti CSA before version 5.0.3 allows a remote authenticated attacker with admin privileges to achieve remote code execution...
CVE-2024-11773
SQL injection in the admin web console of Ivanti CSA before version 5.0.3 allows a remote authenticated attacker with admin privileges to run arbitrary SQL statements...
CVE-2024-11773
SQL injection in the admin web console of Ivanti CSA before version 5.0.3 allows a remote authenticated attacker with admin privileges to run arbitrary SQL statements...
CVE-2024-11773
Ivanti Cloud Security Appliance (CSA) admin web console prior to 5.0.3 is affected by a SQL injection that can be exploited by a remote authenticated attacker with admin privileges to execute arbitrary SQL statements. The issue is confirmed in CVE-2024-11773; affected product/version is CSA befor...
CVE-2024-11772
CVE-2024-11772 , CVE-2024-11639 , and CVE-2024-11773 affect Ivanti Cloud Security Appliance (CSA) / Ivanti Endpoint Manager Cloud Services Appliance before version 5.0.3. The admin web console exposes multiple issues: an authentication bypass enabling remote admin access (CVE-2024-11639); a comma...
EUVD-2024-34195
Command injection in the admin web console of Ivanti CSA before version 5.0.3 allows a remote authenticated attacker with admin privileges to achieve remote code execution...
CVE-2024-11772
Command injection in the admin web console of Ivanti CSA before version 5.0.3 allows a remote authenticated attacker with admin privileges to achieve remote code execution...
CVE-2024-11772
Command injection in the admin web console of Ivanti CSA before version 5.0.3 allows a remote authenticated attacker with admin privileges to achieve remote code execution...
CVE-2024-11639
An authentication bypass in the admin web console of Ivanti CSA before 5.0.3 allows a remote unauthenticated attacker to gain administrative access...
CVE-2024-11639
The connected sources confirm multiple vulnerabilities in Ivanti Endpoint Manager Cloud Services Appliance (Ivanti CSA) prior to version 5.0.3. Specifically: authentication bypass in the admin web console (CVE-2024-11639) that could grant remote admin access; command injection (CVE-2024-11772) re...
CVE-2024-11639
An authentication bypass in the admin web console of Ivanti CSA before 5.0.3 allows a remote unauthenticated attacker to gain administrative access...