Endpoint Manager Cloud Services Appliance@* Security Vulnerabilities and Issues — Endpoint Manager Cloud Services Appliance@* CVE List

Lucene search

IvantiEndpoint Manager Cloud Services Appliance*

6 matches found

CVE•added 2024/10/08 5:15 p.m.•261 views

CVE-2024-9380

An OS command injection vulnerability in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to obtain remote code execution.

7.2CVSS7.2AI score0.84886EPSS

In wild

CVE•added 2024/09/10 9:15 p.m.•224 views

CVE-2024-8190

An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518 and before allows a remote authenticated attacker to obtain remote code execution. The attacker must have admin level privileges to exploit this vulnerability.

7.2CVSS7.7AI score0.92389EPSS

In wildWeb

CVE•added 2024/09/19 6:15 p.m.•223 views

CVE-2024-8963

Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to access restricted functionality.

9.4CVSS7.2AI score0.94372EPSS

In wild

CVE•added 2024/10/08 5:15 p.m.•220 views

CVE-2024-9379

SQL injection in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to run arbitrary SQL statements.

7.2CVSS6.8AI score0.84886EPSS

In wild

CVE•added 2021/12/08 10:15 p.m.•189 views

CVE-2021-44529

A code injection vulnerability in the Ivanti EPM Cloud Services Appliance (CSA) allows an unauthenticated user to execute arbitrary code with limited permissions (nobody).

9.8CVSS9.6AI score0.94461EPSS

In wildWeb

CVE•added 2024/10/08 5:15 p.m.•186 views

CVE-2024-9381

Path traversal in Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to bypass restrictions.

7.2CVSS6.7AI score0.84886EPSS

In wild