CVE-2024-8963: Ivanti Cloud Services Appliance (CSA) Path Traversal Vulnerability
First published: Thu Sep 19 2024(Updated: )
Ivanti Cloud Services Appliance (CSA) contains a path traversal vulnerability that could allow a remote, unauthenticated attacker to access restricted functionality. If CVE-2024-8963 is used in conjunction with CVE-2024-8190, an attacker could bypass admin authentication and execute arbitrary commands on the appliance.
Credit: 3c1d8aa1-5a33-4ea4-8992-aadd6440af75 3c1d8aa1-5a33-4ea4-8992-aadd6440af75
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ivanti Endpoint Manager Cloud Services Appliance | =4.6 | |
| Ivanti Endpoint Manager Cloud Services Appliance | =4.6-patch_512 | |
| Ivanti Endpoint Manager Cloud Services Appliance | =4.6-patch_518 | |
| Ivanti Cloud Service Appliances |
Remedy
As Ivanti CSA has reached End-of-Life status, users are urged to remove CSA 4.6.x from service or upgrade to the 5.0.x line of supported solutions, as future vulnerabilities on the 4.6.x version of CSA are unlikely to receive security updates.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.bleepingcomputer.com/news/security/ivanti-warns-of-another-critical-csa-flaw-exploited-in-attacks/
- https://www.theregister.com/2024/09/20/patch_up_ivanti_fixes_exploited/
- https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-CSA-4-6-Cloud-Services-Appliance-CVE-2024-8963
- https://www.bleepingcomputer.com/news/security/ivanti-warns-of-three-more-csa-zero-days-exploited-in-attacks/
- https://www.theregister.com/2024/10/10/cisa_ivanti_fortinet_vulns/
- https://www.bleepingcomputer.com/news/security/ivanti-warns-of-maximum-severity-csa-auth-bypass-vulnerability/
- https://www.theregister.com/2024/12/11/ivanti_vulns_critical/
- https://www.bleepingcomputer.com/news/security/cisa-hackers-still-exploiting-older-ivanti-bugs-to-breach-networks/
- https://nvd.nist.gov/vuln/detail/CVE-2024-8963
- https://www.darkreading.com/vulnerabilities-threats/cisa-ivanti-vulns-chained-attacks
Peer vulnerabilities
(Found alongside the following vulnerabilities)
Frequently Asked Questions
What is the severity of CVE-2024-8963?
CVE-2024-8963 is considered a critical vulnerability due to its potential to allow remote, unauthenticated access to restricted functionality.
How do I fix CVE-2024-8963?
To fix CVE-2024-8963, update the Ivanti Cloud Services Appliance to the latest patched version provided by Ivanti.
Which versions of the Ivanti Cloud Services Appliance are affected by CVE-2024-8963?
CVE-2024-8963 affects Ivanti Endpoint Manager Cloud Services Appliance versions 4.6, 4.6-patch_512, and 4.6-patch_518.
What could an attacker achieve by exploiting CVE-2024-8963?
An attacker exploiting CVE-2024-8963 could potentially access restricted functionalities and, when combined with CVE-2024-8190, bypass authentication to execute higher-level privileges.
Is there any indication of active exploitation of CVE-2024-8963?
Yes, there are reports suggesting that CVE-2024-8963 has been actively exploited in the wild.
- agent/type
- agent/remedy
- agent/title
- agent/description
- agent/first-publish-date
- agent/author
- collector/bleeping-computer
- source/BleepingComputer
- alias/CVE-2024-8963
- alias/CVE-2024-8190
- collector/the-register
- source/The Register
- alias/CVE-2024-1708
- alias/CVE-2024-20345
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- collector/nvd-cve
- alias/CVE-2024-9379
- alias/CVE-2024-9380
- alias/CVE-2024-9381
- alias/CVE-2024-23113
- alias/CVE-2024-11639
- alias/CVE-2024-11772
- alias/CVE-2024-11773
- collector/epss-latest
- source/FIRST
- agent/epss
- agent/severity
- exploited/true
- collector/cisa-known-exploited
- source/CISA
- agent/software-canonical-lookup-request
- agent/weakness
- agent/softwarecombine
- collector/darkreading
- source/Dark Reading
- agent/references
- agent/source
- agent/tags
- agent/event
- agent/trending
- agent/news-ai
- zeroday/true
- vendor/ivanti
- canonical/ivanti endpoint manager cloud services appliance
- version/ivanti endpoint manager cloud services appliance/4.6
- version/ivanti endpoint manager cloud services appliance/4.6-patch_512
- version/ivanti endpoint manager cloud services appliance/4.6-patch_518
- canonical/ivanti cloud service appliances