CVE-2024-9379 | Attaxion

CISA Known Exploited Vulnerability (KEV)

Name

Ivanti Cloud Services Appliance (CSA) SQL Injection Vulnerability

Exploit added

October 9, 2024

Action due

October 30, 2024

Action required

As Ivanti CSA 4.6.x has reached End-of-Life status, users are urged to remove CSA 4.6.x from service or upgrade to the 5.0.x line, or later, of supported solution.

Description

SQL injection in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to run arbitrary SQL statements.

References

https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-CSA-Cloud-Services-Appliance-CVE-2024-9379-CVE-2024-9380-CVE-2024-9381

Weakness Enumeration

CWE-ID	CWE Name
CWE-89	Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’)

Known Affected Software Configurations

cpe:2.3:a:ivanti:endpoint_manager_cloud_services_appliance:4.5:-::::::
cpe:2.3:a:ivanti:endpoint_manager_cloud_services_appliance:4.6:patch_512::::::
cpe:2.3:a:ivanti:endpoint_manager_cloud_services_appliance:4.6:-::::::

Details

Source:
NVD

Published:
October 8, 2024

Updated:
October 10, 2024

Risk information

CVSS v3

Base score:
7.2

Severity:

HIGH

Vector:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVSS v2

Not defined