Detections
Analytics

CVE-2024-9380

high

Description

An OS command injection vulnerability in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to obtain remote code execution.

References

https://www.bleepingcomputer.com/news/security/ivanti-warns-of-maximum-severity-csa-auth-bypass-vulnerability/

https://thehackernews.com/2024/10/nation-state-attackers-exploiting.html

https://securityaffairs.com/169619/security/u-s-cisa-adds-ivanti-csa-and-fortinet-bugs-to-its-known-exploited-vulnerabilities-catalog.html

https://www.bleepingcomputer.com/news/security/ivanti-warns-of-three-more-csa-zero-days-exploited-in-attacks/

https://thehackernews.com/2024/10/zero-day-alert-three-critical-ivanti.html

https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-CSA-Cloud-Services-Appliance-CVE-2024-9379-CVE-2024-9380-CVE-2024-9381

Details

Source: Mitre, NVD

Published: 2024-10-08

Updated: 2024-10-10

Risk Information

CVSS v2

Base Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:M/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.2

Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Severity: High