Divya
2024-12-11 05:21:00
gbhackers.com
Ivanti has issued critical software updates to address several severe vulnerabilities in its Cloud Services Application (CSA).
These vulnerabilities tracked as CVE-2024-11639, CVE-2024-11772, and CVE-2024-11773, affect CSA versions 5.0.2 and earlier.
Without mitigation, these flaws could allow malicious attackers to bypass authentication, execute remote code, and manipulate databases, posing significant risks to organizations relying on CSA for endpoint management.
Vulnerability Details
CVE-2024-11639: Authentication Bypass
This critical vulnerability has been assigned a CVSS score of 10.0. It allows an unauthenticated attacker to bypass authentication mechanisms in the admin web console of CSA.
Exploiting this flaw grants the attacker full administrative access, potentially enabling them to take complete control of the system. The vulnerability is particularly dangerous because it does not require any prior privileges or user interaction.
Leveraging 2024 MITRE ATT&CK Results for SME & MSP Cybersecurity Leaders – Attend Free Webinar
CVE-2024-11772: Command Injection
With a CVSS score of 9.1, this vulnerability impacts administrators who already have elevated privileges on the CSA console.
It allows an attacker to execute arbitrary commands remotely via command injection, potentially leading to remote code execution.
While this flaw requires authenticated access, exploiting it could result in serious damage to system integrity and functionality.
CVE-2024-11773: SQL Injection
This critical vulnerability also rated 9.1 on the CVSS scale, enables attackers with admin privileges to perform SQL injection on the system.
By exploiting this flaw, malicious actors can execute arbitrary SQL queries, which may compromise the confidentiality, integrity, or availability of the system’s databases.
This could result in unauthorized access to sensitive information or disruption of database operations.
Affected Versions
The following table outlines the impacted and resolved versions of CSA:
Product | Impacted Version(s) | Resolved Version | Patch Availability |
Ivanti Cloud Services Application | 5.0.2 and earlier | 5.0.3 | Available on the Ivanti Download Portal |
Ivanti strongly advises all customers using CSA 5.0.2 or earlier to upgrade to version 5.0.3 immediately.
The patched version is available for download from the Ivanti Download Portal. Customers can refer to the documentation titled “Get Started with the Ivanti Cloud Service Application 5.0 for Endpoint Manager” for detailed instructions on the upgrade process.
Ivanti stated that, as of the disclosure date, there is no known evidence that these vulnerabilities have been exploited in the wild.
However, given the critical nature of CVE-2024-11639, which allows unauthenticated administrative access, the potential for exploitation remains high.
Organizations should prioritize this update to safeguard their systems and prevent potential unauthorized access or data breaches.
These vulnerabilities underscore the importance of timely patch management and proactive security measures.
Ivanti’s quick response in addressing these issues highlights its commitment to protecting customers. Users are urged to act immediately to ensure their systems remain secure.
Investigate Real-World Malicious Links,Malware & Phishing Attacks With ANY.RUN - Try for Free
Keep your files stored safely and securely with the SanDisk 2TB Extreme Portable SSD. With over 69,505 ratings and an impressive 4.6 out of 5 stars, this product has been purchased over 8K+ times in the past month. At only $129.99, this Amazon’s Choice product is a must-have for secure file storage.
Help keep private content private with the included password protection featuring 256-bit AES hardware encryption. Order now for just $129.99 on Amazon!
Support Techcratic
If you find value in Techcratic’s insights and articles, consider supporting us with Bitcoin. Your support helps me, as a solo operator, continue delivering high-quality content while managing all the technical aspects, from server maintenance to blog writing, future updates, and improvements. Support Innovation! Thank you.
Bitcoin Address:
bc1qlszw7elx2qahjwvaryh0tkgg8y68enw30gpvge
Please verify this address before sending funds.
Bitcoin QR Code
Simply scan the QR code below to support Techcratic.
Please read the Privacy and Security Disclaimer on how Techcratic handles your support.
Disclaimer: As an Amazon Associate, Techcratic may earn from qualifying purchases.