Lucene search
IvantiVULNRICHMENT:CVE-2024-8963HistorySep 19, 2024 - 5:14 p.m.
CVE-2024-8963
2024-09-1917:14:49
CWE-22
ivanti
github.com
1
ivanti csa
path traversal
cve-2024-8963
patch 519
CVSS3
9.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
AI Score
7.2
Confidence
Low
EPSS
0.631
Percentile
97.9%
SSVC
Exploitation
none
Automatable
yes
Technical Impact
total
Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to access restricted functionality.
ADP Affected
[
{
"cpes": [
"cpe:2.3:a:ivanti:endpoint_manager_cloud_services_appliance:*:*:*:*:*:*:*:*"
],
"vendor": "ivanti",
"product": "endpoint_manager_cloud_services_appliance",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "4.6patch519",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
}
]Related
nvd
nvd
CVE-2024-8963
2024-09-19 18:15:10
cve
cve
CVE-2024-8963
2024-09-19 18:15:10
ics
ics
CISA Adds One Known Exploited Vulnerability to Catalog
2024-09-19 12:00:00
cvelist
cvelist
CVE-2024-8963
2024-09-19 17:14:49
nessus
nessus
thn
thn
cisa_kev
cisa_kev
Ivanti Cloud Services Appliance (CSA) Path Traversal Vulnerability
2024-09-19 00:00:00
CVSS3
9.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
AI Score
7.2
Confidence
Low
EPSS
0.631
Percentile
97.9%
SSVC
Exploitation
none
Automatable
yes
Technical Impact
total
Related for VULNRICHMENT:CVE-2024-8963