Ivanti Cloud Services Appliance (CSA) Path Traversal Vulnerability (CVE-2024-8963)
Ivanti Cloud Services Appliance (CSA) contains a path traversal vulnerability that could allow a remote, unauthenticated attacker to access restricted functionality. If CVE-2024-8963 is used in conjunction with CVE-2024-8190, an attacker could bypass admin authentication and execute arbitrary commands on the appliance.
A remote, unauthenticated attacker can cause full loss of data confidentiality, arbitrary modification of data, and partial service disruption. Federal agencies are required to remediate by 2024-10-10 under CISA BOD 22-01.
This is a Path Traversal (CWE-22) vulnerability in Ivanti Cloud Services Appliance (CSA). In Ivanti CSA before 4.6 Patch 519, it allows a remote unauthenticated attacker to access restricted functionality. Exploitation requires remote network access; attack complexity is low, and no authentication or user interaction is required.
Probably yes if any of these apply:
CISA added this CVE to the Known Exploited Vulnerabilities catalog on 2024-09-19 based on evidence of active exploitation in the wild. Federal agencies are required to remediate by 2024-10-10.
Manual remediation steps
No tested PowerShell script for this entry yet. We’re prioritising automation based on user demand.