Overview
- Description
- Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to access restricted functionality.
- Source
- 3c1d8aa1-5a33-4ea4-8992-aadd6440af75
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 9.1
- Impact score
- 5.2
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
- Severity
- CRITICAL
Known exploits
Data from CISA
- Vulnerability name
- Ivanti Cloud Services Appliance (CSA) Path Traversal Vulnerability
- Exploit added on
- Sep 19, 2024
- Exploit action due
- Oct 10, 2024
- Required action
- As Ivanti CSA has reached End-of-Life status, users are urged to remove CSA 4.6.x from service or upgrade to the 5.0.x line of supported solutions, as future vulnerabilities on the 4.6.x version of CSA are unlikely to receive security updates.
Social media
- Hype score
- Not currently trending
Actively exploited CVE : CVE-2024-8963
@transilienceai
10 Nov 2024
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CVE-2024-8963 : Path Traversal Severity: Critical Cvss-Score: 9.1 reference: https://t.co/q61sDVNL9q Poc Video Link : https://t.co/5GpJGmXpAZ #BugBountyPoC #BugBountyExploitPoC #PoCBugBounty #BugBountyProofOfConcept #LiveBugBounty #LiveBugHunting https://t.co/86XIZsMVzY
@viehgroup
10 Nov 2024
79 Impressions
0 Retweets
1 Like
2 Bookmarks
0 Replies
0 Quotes
CVE-2024-8963 : Path Traversal Severity: Critical Cvss-Score: 9.1 reference: https://t.co/hdhBk7Nnhk Poc Video Link : https://t.co/Rgt0ZRNo32 #BugBountyPoC #BugBountyExploitPoC #PoCBugBounty https://t.co/K4NJ8DXnir
@wgujjer11
9 Nov 2024
4105 Impressions
25 Retweets
133 Likes
63 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2024-8963
@transilienceai
8 Nov 2024
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
๐จ Scanning Ivanti Cloud Services Appliance - Path Traversal (CVE-2024-8963) Using Nuclei Template shared by johnk3r ๐ Template : https://t.co/oV7HO105eB #ivanti #kev #hackwithautomation https://t.co/008EgrKvDV
@bountywriteups
6 Nov 2024
1381 Impressions
7 Retweets
33 Likes
11 Bookmarks
0 Replies
0 Quotes
๐จ Scanning Ivanti Cloud Services Appliance - Path Traversal (CVE-2024-8963) Using Nuclei detect it fast and keep your assets secure! ๐ Template : https://t.co/s0Utl3ieB9 Reference: https://t.co/6NnPAZiF9f #ivanti #kev #hackwithautomation @pdnuclei https://t.co/p0xAPUfik2
@DhiyaneshDK
6 Nov 2024
7720 Impressions
28 Retweets
132 Likes
70 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2024-8963
@transilienceai
5 Nov 2024
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2024-8963
@transilienceai
4 Nov 2024
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2024-8963
@transilienceai
23 Oct 2024
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2024-8963
@transilienceai
20 Oct 2024
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ivanti:endpoint_manager_cloud_services_appliance:4.6:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4F3651A6-CE83-4DB9-984E-5BFD6AF7F42D"
},
{
"criteria": "cpe:2.3:a:ivanti:endpoint_manager_cloud_services_appliance:4.6:patch_512:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9B0B3862-470F-4FEE-988F-E8E004A2F5AB"
},
{
"criteria": "cpe:2.3:a:ivanti:endpoint_manager_cloud_services_appliance:4.6:patch_518:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "591B2354-0874-408A-BFB8-59452C33A5B1"
}
],
"operator": "OR"
}
]
}
]