Overview
- Description: An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518 and before allows a remote authenticated attacker to obtain remote code execution. The attacker must have admin level privileges to exploit this vulnerability.
- Source: 3c1d8aa1-5a33-4ea4-8992-aadd6440af75
- NVD status: Analyzed
Risk scores
CVSS 3.1
- Type: Primary
- Base score: 7.2
- Impact score: 5.9
- Exploitability score: 1.2
- Vector string: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
- Severity: HIGH
Known exploits
Data from CISA
- Vulnerability name: Ivanti Cloud Services Appliance OS Command Injection Vulnerability
- Exploit added on: Sep 13, 2024
- Exploit action due: Oct 4, 2024
- Required action: As Ivanti CSA has reached End-of-Life status, users are urged to remove CSA 4.6.x from service or upgrade to the 5.0.x line of supported solutions, as future vulnerabilities on the 4.6.x version of CSA are unlikely to receive future security updates.
Social media
- Hype score: Not currently trending
Actively exploited CVE : CVE-2024-8190
@transilienceai
12 Nov 2024
Ivanti reveals a critical flaw in CSA 4.6 that could be chained with CVE-2024-8190 for full admin bypass and remote code execution. Ensure you're patching and securing your systems. https://t.co/RMgVj10G1l
@Shift6Security
5 Nov 2024
#Vulnerability #CISA CISA & Ivanti Warn of Active Exploitation Cloud Services Appliance Flaw CVE-2024-8190 https://t.co/wC8JciRH1c
@Komodosec
21 Oct 2024
On September 10, 2024, when the advisory for CVE-2024-8190 was published by Ivanti, the threat actor, still active in the customer’s network, “patched” the command injection vulnerabilities in the resources /gsb/DateTimeTab.php, and /gsb/reports.php, making them unexploitable.
@dcuthbert
Configurations
[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ivanti:cloud_services_appliance:4.6:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3B63CA83-3DB3-4670-878E-17A54586B25E"
          },
          {
            "criteria": "cpe:2.3:a:ivanti:cloud_services_appliance:4.6:patch_518:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "61C0BF44-691D-4811-BE9E-FB9B6CC856B9"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]