Latest Ivanti Cloud Services Appliance Vulnerability: CVE-2024-8963 #
Ivanti has issued an advisory for a path traversal vulnerability discovered in their Cloud Services Appliance product.
What is the impact? #
Successful exploitation of this vulnerability would allow an unauthenticated attacker "access to restricted functionality". When combined with the vulnerability disclosed last week, an attacker could "bypass admin authentication and execute arbitrary code on the appliance".
CVE-2024-8963 is rated critical with a CVSS score of 9.4.
Note that the vendor has indicated that there is evidence that this vulnerability is being exploited in the wild.
Are updates or workarounds available? #
Ivanti has indicated that the affected version of the product, version 4.6, is End-of-Life (EOL). According to Ivanti, updates or security patches will not be made available. Customers are urged to upgrade to version 5.0.
How to find potentially vulnerable systems with runZero #
From the Services Inventory, use the following query to locate systems running potentially vulnerable software:
protocol:http and html.title:="Ivanti(R) Cloud Services Appliance"
September 10, 2024 (CVE-2024-8190) #
Ivanti has issued an advisory for their Cloud Services Appliance product. Successful exploitation of this vulnerability would allow an attacker to execute arbitrary commands on the underlying operating system. Note that the attacker must be authenticated with Ivanti application administrator privileges to exploit this vulnerability.
CVE-2024-8190 is rated high with a CVSS score of 7.2.
Note that the vendor has indicated that there is evidence this vulnerability is being exploited in the wild.
Are updates or workarounds available? #
Ivanti has issued a patch for this vulnerability. Note that the affected version of the product, version 4.6, is considered end-of-life. Ivanti has indicated that no further updates or security patches will be provided for version 4.6 of this product and urges customers to upgrade to version 5.0.
How to find potentially vulnerable systems with runZero #
From the Services Inventory, use the following query to locate systems running potentially vulnerable software:
protocol:http and html.title:="Ivanti(R) Cloud Services Appliance"