Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to access restricted functionality.
https://thehackernews.com/2024/10/nation-state-attackers-exploiting.html
https://thehackernews.com/2024/10/zero-day-alert-three-critical-ivanti.html
https://www.securityweek.com/third-recent-ivanti-product-vulnerability-exploited-in-the-wild/
https://thehackernews.com/2024/09/critical-ivanti-cloud-appliance.html