- Description: An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518 and before allows a remote authenticated attacker to obtain remote code execution. The attacker must have admin level privileges to exploit this vulnerability.
- Source: 3c1d8aa1-5a33-4ea4-8992-aadd6440af75
- NVD status: Analyzed
CVSS 3.1
- Type: Primary
- Base score: 7.2
- Impact score: 5.9
- Exploitability score: 1.2
- Vector string: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
- Severity: HIGH
Data from CISA
- Vulnerability name: Ivanti Cloud Services Appliance OS Command Injection Vulnerability
- Exploit added on: Sep 13, 2024
- Exploit action due: Oct 4, 2024
- Required action: As Ivanti CSA has reached End-of-Life status, users are urged to remove CSA 4.6.x from service or upgrade to the 5.0.x line of supported solutions, as future vulnerabilities on the 4.6.x version of CSA are unlikely to receive future security updates.
This week, @CISAgov shared a writeup on the exploitation of CVE-2024-8963, an admin bypass vulnerability; CVE-2024-9379, a SQLi vulnerability; and CVE-2024-8190 and CVE-2024-9380, RCE vulnerabilities in #Ivanti CSA: https://t.co/2OW61ExzhC. ➡️ Ivanti CVE-2024-8963 has been… http
@Horizon3ai
24 Jan 2025
Cyberattackers are exploiting critical Ivanti CSA vulnerabilities (CVE-2024-8963, CVE-2024-9379, CVE-2024-8190, CVE-2024-9380) for admin bypass and remote code execution. Stay vigilant! ⚠️ #Ivanti #CISA #USA link: https://t.co/XTjLTwDCfM https://t.co/zpLdyydE69
@TweetThreatNews
23 Jan 2025
🚨 CISA and FBI warn of active exploitation of four critical vulnerabilities in Ivanti Cloud Service Appliances (CVE-2024-8963, CVE-2024-9379, CVE-2024-8190, CVE-2024-9380). Stay updated! 🔒 #Ivanti #USA #CyberAlert link: https://t.co/ofFIUEQzPv https://t.co/L8MF8545L9
@TweetThreatNews
23 Jan 2025
🔴 Ivanti Cloud Services Appliance (CSA) #CVE-2024-8190 (Critical) - Critical https://t.co/6EzFeouJdH
@dailycve
26 Nov 2024
Actively exploited CVE : CVE-2024-8190
@transilienceai
23 Nov 2024
Ivanti reveals a critical flaw in CSA 4.6 that could be chained with CVE-2024-8190 for full admin bypass and remote code execution. Ensure you're patching and securing your systems. https://t.co/RMgVj10G1l
@Shift6Security
5 Nov 2024
#Vulnerability #CISA CISA & Ivanti Warn of Active Exploitation Cloud Services Appliance Flaw CVE-2024-8190 https://t.co/wC8JciRH1c
@Komodosec
21 Oct 2024
On September 10, 2024, when the advisory for CVE-2024-8190 was published by Ivanti, the threat actor, still active in the customer’s network, “patched” the command injection vulnerabilities in the resources /gsb/DateTimeTab.php, and /gsb/reports.php, making them unexploitable.
@dcuthbert
[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ivanti:cloud_services_appliance:4.6:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3B63CA83-3DB3-4670-878E-17A54586B25E"
          },
          {
            "criteria": "cpe:2.3:a:ivanti:cloud_services_appliance:4.6:patch_518:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "61C0BF44-691D-4811-BE9E-FB9B6CC856B9"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]