THREATOPS
THREAT OPSCVEs › CVE-2024-8963

CVE-2024-8963 — Ivanti Cloud Services Appliance (CSA) Path Traversal Vulnerability

CISA KEVExploited: confirmedIvanti

Ivanti Cloud Services Appliance (CSA) contains a path traversal vulnerability that could allow a remote, unauthenticated attacker to access restricted functionality. If CVE-2024-8963 is used in conjunction with CVE-2024-8190, an attacker could bypass admin authentication and execute arbitrary commands on the appliance.

Vulnerability details