Lucene search
K

160 matches found

RedhatCVE
RedhatCVE
added 2025/02/04 10:31 p.m.12 views

CVE-2024-8963

Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to access restricted functionality...

9.4CVSS9.3AI score0.98557EPSS
Exploits2References1
CNVD
CNVD
added 2024/12/23 12:0 a.m.3 views

Ivanti CSA SQL Injection Vulnerability

Ivanti CSA is a locally deployed virtual appliance from Ivanti that is designed to simplify the integration of IT service management with cloud services and support automated processes to improve operational efficiency. Ivanti CSA suffers from a SQL injection vulnerability that can be exploited b...

9.1CVSS8.1AI score0.23598EPSS
Exploits0References1
CNVD
CNVD
added 2024/12/17 12:0 a.m.3 views

Ivanti CSA Code Execution Vulnerability

Ivanti CSA is a locally deployed virtual appliance from Ivanti, primarily designed to simplify the integration of IT service management with cloud services and to support the automation of IT processes to improve operational efficiency. A code execution vulnerability exists in Ivanti CSA, which c...

9.1CVSS8.1AI score0.07703EPSS
Exploits0References1
CNVD
CNVD
added 2024/12/17 12:0 a.m.2 views

Ivanti CSA Authentication Bypass Vulnerability

Ivanti CSA is a locally deployed virtual appliance from Ivanti, primarily designed to simplify the integration of IT service management with cloud services and to support the automation of IT processes to improve operational efficiency. An authentication bypass vulnerability exists in Ivanti CSA,...

10CVSS7.5AI score0.04902EPSS
Exploits0References1
NVD
NVD
added 2024/12/10 7:15 p.m.21 views

CVE-2024-11639

An authentication bypass in the admin web console of Ivanti CSA before 5.0.3 allows a remote unauthenticated attacker to gain administrative access...

10CVSS0.04902EPSS
Exploits0References1
OSV
OSV
added 2024/12/10 7:15 p.m.1 views

CVE-2024-11772

Command injection in the admin web console of Ivanti CSA before version 5.0.3 allows a remote authenticated attacker with admin privileges to achieve remote code execution...

7.2CVSS7.6AI score0.23598EPSS
Exploits0References1
OSV
OSV
added 2024/12/10 7:15 p.m.1 views

CVE-2024-11773

SQL injection in the admin web console of Ivanti CSA before version 5.0.3 allows a remote authenticated attacker with admin privileges to run arbitrary SQL statements...

7.2CVSS5.9AI score0.23598EPSS
Exploits0References1
OSV
OSV
added 2024/12/10 7:15 p.m.2 views

CVE-2024-11639

An authentication bypass in the admin web console of Ivanti CSA before 5.0.3 allows a remote unauthenticated attacker to gain administrative access...

9.8CVSS7.3AI score0.23598EPSS
Exploits0References1
NVD
NVD
added 2024/12/10 7:15 p.m.18 views

CVE-2024-11773

SQL injection in the admin web console of Ivanti CSA before version 5.0.3 allows a remote authenticated attacker with admin privileges to run arbitrary SQL statements...

9.1CVSS0.23598EPSS
Exploits0References1
NVD
NVD
added 2024/12/10 7:15 p.m.19 views

CVE-2024-11772

Command injection in the admin web console of Ivanti CSA before version 5.0.3 allows a remote authenticated attacker with admin privileges to achieve remote code execution...

9.1CVSS0.07703EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/10 6:56 p.m.30 views

CVE-2024-11773

SQL injection in the admin web console of Ivanti CSA before version 5.0.3 allows a remote authenticated attacker with admin privileges to run arbitrary SQL statements...

9.1CVSS0.23598EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/10 6:56 p.m.11 views

CVE-2024-11773

SQL injection in the admin web console of Ivanti CSA before version 5.0.3 allows a remote authenticated attacker with admin privileges to run arbitrary SQL statements...

9.1CVSS7.9AI score0.23598EPSS
Exploits0References1
CVE
CVE
added 2024/12/10 6:56 p.m.61 views

CVE-2024-11773

Ivanti Cloud Security Appliance (CSA) admin web console prior to 5.0.3 is affected by a SQL injection that can be exploited by a remote authenticated attacker with admin privileges to execute arbitrary SQL statements. The issue is confirmed in CVE-2024-11773; affected product/version is CSA befor...

9.1CVSS9.2AI score0.23598EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/12/10 6:55 p.m.59 views

CVE-2024-11772

CVE-2024-11772 , CVE-2024-11639 , and CVE-2024-11773 affect Ivanti Cloud Security Appliance (CSA) / Ivanti Endpoint Manager Cloud Services Appliance before version 5.0.3. The admin web console exposes multiple issues: an authentication bypass enabling remote admin access (CVE-2024-11639); a comma...

9.1CVSS9.4AI score0.23598EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2024/12/10 6:55 p.m.4 views

EUVD-2024-34195

Command injection in the admin web console of Ivanti CSA before version 5.0.3 allows a remote authenticated attacker with admin privileges to achieve remote code execution...

10CVSS9.6AI score0.23598EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/10 6:55 p.m.27 views

CVE-2024-11772

Command injection in the admin web console of Ivanti CSA before version 5.0.3 allows a remote authenticated attacker with admin privileges to achieve remote code execution...

9.1CVSS0.23598EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/10 6:55 p.m.17 views

CVE-2024-11772

Command injection in the admin web console of Ivanti CSA before version 5.0.3 allows a remote authenticated attacker with admin privileges to achieve remote code execution...

9.1CVSS7.9AI score0.23598EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/10 6:54 p.m.23 views

CVE-2024-11639

An authentication bypass in the admin web console of Ivanti CSA before 5.0.3 allows a remote unauthenticated attacker to gain administrative access...

10CVSS0.04902EPSS
Exploits0References1
CVE
CVE
added 2024/12/10 6:54 p.m.81 views

CVE-2024-11639

The connected sources confirm multiple vulnerabilities in Ivanti Endpoint Manager Cloud Services Appliance (Ivanti CSA) prior to version 5.0.3. Specifically: authentication bypass in the admin web console (CVE-2024-11639) that could grant remote admin access; command injection (CVE-2024-11772) re...

10CVSS9.8AI score0.04902EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/12/10 6:54 p.m.12 views

CVE-2024-11639

An authentication bypass in the admin web console of Ivanti CSA before 5.0.3 allows a remote unauthenticated attacker to gain administrative access...

10CVSS7.9AI score0.04902EPSS
Exploits0References1
Rows per page
Query Builder