Ivanti fixes critical vulnerabilities in CSA

Ivanti has issued critical software updates to address several severe vulnerabilities in its Cloud Services Application (CSA). These vulnerabilities, tracked as CVE-2024-11639, CVE-2024-11772, and CVE-2024-11773, affect CSA versions 5.0.2 and earlier.

Without prompt mitigation, these flaws could allow attackers to bypass authentication, execute remote code, and manipulate databases, posing significant risks to organizations that rely on CSA for endpoint management.

  • CVE-2024-11639: This vulnerability enables attackers to bypass authentication in the CSA admin web console. By exploiting this flaw, a remote unauthenticated attacker can gain administrative access, potentially leading to a complete system compromise. With a CVSS score of 10, this vulnerability is deemed highly critical.
  • CVE-2024-11772: This command injection vulnerability exists within the admin web console. An authenticated attacker with admin privileges could exploit this flaw to execute arbitrary commands on the server, leading to remote code execution. It has been assigned a CVSS score of 9.1, highlighting its critical nature.
  • CVE-2024-11773: This SQL injection vulnerability affects the admin web console. An attacker with admin privileges can exploit this flaw to run arbitrary SQL statements, which could result in unauthorized data manipulation or access. This vulnerability also has a CVSS score of 9.1.

To address these vulnerabilities, Ivanti has released CSA version 5.0.3. Users and administrators of affected versions are strongly advised to update to this release immediately to mitigate the associated risks. Keeping systems patched is essential to maintaining the integrity and security of organizational data and infrastructure.
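A small triage check for this advisory, added here as an example and not code from Ivanti or from the article: it reads a host inventory, compares CSA versions numerically against the fixed 5.0.3 release, and lists the hosts that still need the update. The inventory format and host names are constructed, and the script assumes every CSA version below 5.0.3 is affected, which matches the advisory's "5.0.2 and earlier".

```python
"""Triage an inventory of Ivanti CSA hosts against the advisory:
versions 5.0.2 and earlier are affected by CVE-2024-11639,
CVE-2024-11772 and CVE-2024-11773; the fixed release is 5.0.3.
The inventory below is constructed sample data, not real hosts."""

import re

FIXED_VERSION = "5.0.3"
ADVISORY_CVES = ("CVE-2024-11639", "CVE-2024-11772", "CVE-2024-11773")

# Constructed sample inventory, one "<hostname>,<product>,<version>" per line
SAMPLE_INVENTORY = """\
csa-edge-01,Ivanti CSA,5.0.2
csa-edge-02,Ivanti CSA,5.0.3
csa-lab-03,Ivanti CSA,4.6.0
csa-edge-04,Ivanti CSA,5.0.10
epm-core-01,Ivanti EPM,2024.1
"""


def parse_version(text: str) -> tuple[int, ...]:
    """Turn '5.0.2' into (5, 0, 2) so comparison is numeric, not lexical
    (a plain string compare would wrongly rank '5.0.10' below '5.0.3')."""
    text = text.strip()
    if not re.fullmatch(r"\d+(\.\d+)*", text):
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(part) for part in text.split("."))


def is_affected(version: str) -> bool:
    """True when the CSA version is older than the fixed 5.0.3 release."""
    return parse_version(version) < parse_version(FIXED_VERSION)


def triage(inventory: list[str]) -> list[dict]:
    """Return one finding per vulnerable CSA host; other products are skipped."""
    findings = []
    for line in inventory:
        if not line.strip():
            continue
        host, product, version = (field.strip() for field in line.split(","))
        if product == "Ivanti CSA" and is_affected(version):
            findings.append({"host": host, "version": version,
                             "cves": ADVISORY_CVES,
                             "action": f"upgrade to CSA {FIXED_VERSION}"})
    return findings


for finding in triage(SAMPLE_INVENTORY.splitlines()):
    print(f"{finding['host']}: CSA {finding['version']} -> {finding['action']}")
```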
