CVE-2024-9380
In short
An admin web console in Ivanti CSA allows an administrator to execute arbitrary system commands on the server by injecting malicious input, potentially compromising the entire system.
Technical detail
An OS command injection vulnerability in the Ivanti CSA admin console (before 5.0.2) allows authenticated admin users to inject system commands through unvalidated input parameters, achieving remote code execution with application privileges. The attack requires valid admin credentials and access to the web console interface.
Summary generated and translated by AI from the official description.
An OS command injection vulnerability in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to obtain remote code execution.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Affected products
Ivanti · CSA (Cloud Services Appliance)