5 matches found
CVE-2024-9380
creationtimestamp| type| source ---|---|--- 2024-10-08 18:43:40+00:00| exploited| https://t.me/thehackernews/5704 2024-10-08 20:23:57+00:00| seen| https://t.me/cvedetector/7382 2024-10-09 18:10:03+00:00| seen| MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123 2024-10-10 08:32:47+00:00| seen|...
Zero-Day Alert: Three Critical Ivanti CSA Vulnerabilities Actively Exploited
Ivanti has warned that three new security vulnerabilities impacting its Cloud Service Appliance CSA have come under active exploitation in the wild. The zero-day flaws are being weaponized in conjunction with another flaw in CSA that the company patched last month, the Utah-based software service...
CVE-2024-9380
An OS command injection vulnerability in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to obtain remote code execution...
Security Advisory Ivanti CSA (Cloud Services Application) (CVE-2024-9379, CVE-2024-9380, CVE-2024-9381)
Summary Ivanti has released updates for Ivanti CSA Cloud Services Application which addresses a medium severity and two high severity vulnerabilities. Successful exploitation could lead to an attacker with admin privileges to bypass restrictions, run arbitrary SQL statements or obtain remote code...
VulnCheck KEV: CVE-2024-9380
Ivanti Cloud Services Appliance CSA contains an OS command injection vulnerability in the administrative console which can allow an authenticated attacker with application admin privileges to pass commands to the underlying OS...