Ivanti Cloud Services Application
5 CVEs affecting Ivanti Cloud Services Application. Latest disclosed: 2025-02-11. Critical: 4, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-11639 | Critical | 10.0 | 2024-12-10 | An authentication bypass in the admin web console of Ivanti CSA before 5.0.3 allows a remote unauthenticated attacker to gain administrative access |
CVE-2024-47908 | Critical | 9.1 | 2025-02-11 | OS command injection in the admin web console of Ivanti CSA before version 5.0.5 allows a remote authenticated attacker with admin privileges to achieve remote… |
CVE-2024-11773 | Critical | 9.1 | 2024-12-10 | SQL injection in the admin web console of Ivanti CSA before version 5.0.3 allows a remote authenticated attacker with admin privileges to run arbitrary SQL sta… |
CVE-2024-11772 | Critical | 9.1 | 2024-12-10 | Command injection in the admin web console of Ivanti CSA before version 5.0.3 allows a remote authenticated attacker with admin privileges to achieve remote co… |
CVE-2024-11771 | Medium | 5.3 | 2025-02-11 | Path traversal in Ivanti CSA before version 5.0.5 allows a remote unauthenticated attacker to access restricted functionality. |