Known Vulnerabilities
CVE-2024-8963
Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to access restricted functionality.
CRITICAL
CVSS 9.4
Published Sep 19, 2024
CVE-2024-8190
An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518 and before allows a remote authenticated attacker to obtain remote code execution. The attacker must have admin level privileges to exploit this vulnerability.
HIGH
CVSS 7.2
Published Sep 10, 2024