Cloud Services Appliance@* Security Vulnerabilities and Issues — Cloud Services Appliance@* CVE List

Lucene search

IvantiCloud Services Appliance*

6 matches found

CVE•added 2024/12/10 7:15 p.m.•64 views

CVE-2024-11639

An authentication bypass in the admin web console of Ivanti CSA before 5.0.3 allows a remote unauthenticated attacker to gain administrative access

10CVSS9.8AI score0.34292EPSS

CVE•added 2025/02/11 4:15 p.m.•56 views

CVE-2024-47908

OS command injection in the admin web console of Ivanti CSA before version 5.0.5 allows a remote authenticated attacker with admin privileges to achieve remote code execution.

9.1CVSS9.5AI score0.1131EPSS

CVE•added 2024/12/10 7:15 p.m.•49 views

CVE-2024-11773

SQL injection in the admin web console of Ivanti CSA before version 5.0.3 allows a remote authenticated attacker with admin privileges to run arbitrary SQL statements.

9.1CVSS9.2AI score0.34292EPSS

CVE•added 2024/12/10 7:15 p.m.•44 views

CVE-2024-11772

Command injection in the admin web console of Ivanti CSA before version 5.0.3 allows a remote authenticated attacker with admin privileges to achieve remote code execution.

9.1CVSS9.4AI score0.34292EPSS

CVE•added 2025/02/11 4:15 p.m.•38 views

CVE-2024-11771

Path traversal in Ivanti CSA before version 5.0.5 allows a remote unauthenticated attacker to access restricted functionality.

5.3CVSS5.3AI score0.1131EPSS

CVE•added 2025/05/13 3:15 p.m.•36 views

CVE-2025-22460

Default credentials in Ivanti Cloud Services Application before version 5.0.5 allows a local authenticated attacker to escalate their privileges.

7.8CVSS7AI score0.00106EPSS