CVE-2024-8190
CVE-2024-8190
In short
An admin user can inject dangerous system commands into Ivanti Cloud Services Appliance through a vulnerable input field, allowing them to run arbitrary code on the server. This is serious because an insider with admin access could take complete control of the appliance.
Technical detail
OS command injection vulnerability in Ivanti Cloud Services Appliance ≤4.6 Patch 518 allows authenticated administrators to execute arbitrary system commands via unsanitized input parameters. Exploitation requires admin-level privileges; successful exploitation results in remote code execution with appliance system privileges.
Summary generated and translated by AI from the official description.
An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518 and before allows a remote authenticated attacker to obtain remote code execution. The attacker must have admin level privileges to exploit this vulnerability.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Affected products
Ivanti · CSA (Cloud Services Appliance)public PoCs found — 2
githubgithub.com/horizon3ai/CVE-2024-8190★ 16githubgithub.com/flyingllama87/CVE-2024-8190-unauth★ 2⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Cloud-Service-Appliance-CSA-CVE-2024-8190https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-8190https://www.cisa.gov/news-events/alerts/2024/09/13/ivanti-releases-security-update-cloud-services-appliance