Lucene search
3c1d8aa1-5a33-4ea4-8992-aadd6440af75NVD:CVE-2024-8963HistorySep 19, 2024 - 6:15 p.m.
CVE-2024-8963
2024-09-1918:15:10
CWE-22
3c1d8aa1-5a33-4ea4-8992-aadd6440af75
web.nvd.nist.gov
4
path traversal
ivanti csa
patch 519
remote attacker
CVSS3
9.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
EPSS
0.31
Percentile
97.0%
Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to access restricted functionality.
Affected configurations
Node
ivantiendpoint_manager_cloud_services_applianceMatch4.6-
ORivantiendpoint_manager_cloud_services_applianceMatch4.6patch_512
ORivantiendpoint_manager_cloud_services_applianceMatch4.6patch_518
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ivanti | endpoint_manager_cloud_services_appliance | 4.6 | cpe:2.3:a:ivanti:endpoint_manager_cloud_services_appliance:4.6:-:*:*:*:*:*:* |
| ivanti | endpoint_manager_cloud_services_appliance | 4.6 | cpe:2.3:a:ivanti:endpoint_manager_cloud_services_appliance:4.6:patch_512:*:*:*:*:*:* |
| ivanti | endpoint_manager_cloud_services_appliance | 4.6 | cpe:2.3:a:ivanti:endpoint_manager_cloud_services_appliance:4.6:patch_518:*:*:*:*:*:* |
Related
cve
cve
CVE-2024-8963
2024-09-19 18:15:10
ics
ics
CISA Adds One Known Exploited Vulnerability to Catalog
2024-09-19 12:00:00
vulnrichment
vulnrichment
CVE-2024-8963
2024-09-19 17:14:49
cvelist
cvelist
CVE-2024-8963
2024-09-19 17:14:49
nessus
nessus
cisa_kev
cisa_kev
Ivanti Cloud Services Appliance (CSA) Path Traversal Vulnerability
2024-09-19 00:00:00
thn
thn
CVSS3
9.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
EPSS
0.31
Percentile
97.0%
Related for NVD:CVE-2024-8963