Monday, March 10, 2025

Ivanti Issues Critical Security Updates for CSA and Connect Secure Vulnerabilities


CSA and Connect Secure Vulnerabilities

Ivanti has released security updates to address multiple critical flaws in its Cloud Services Application (CSA) and Connect Secure products that could lead to privilege escalation and code execution.

The list of vulnerabilities is as follows –

  • CVE-2024-11639 (CVSS score: 10.0) – An authentication bypass vulnerability in the admin web console of Ivanti CSA before 5.0.3 that allows a remote unauthenticated attacker to gain administrative access
  • CVE-2024-11772 (CVSS score: 9.1) – A command injection vulnerability in the admin web console of Ivanti CSA before version 5.0.3 that allows a remote authenticated attacker with admin privileges to achieve remote code execution
  • CVE-2024-11773 (CVSS score: 9.1) – An SQL injection vulnerability in the admin web console of Ivanti CSA before version 5.0.3 that allows a remote authenticated attacker with admin privileges to run arbitrary SQL statements
  • CVE-2024-11633 (CVSS score: 9.1) – An argument injection vulnerability in Ivanti Connect Secure before version 22.7R2.4 that allows a remote authenticated attacker with admin privileges to achieve remote code execution
  • CVE-2024-11634 (CVSS score: 9.1) – A command injection vulnerability in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 that allows a remote authenticated attacker with admin privileges to achieve remote code execution
  • CVE-2024-8540 (CVSS score: 8.8) – An insecure permissions vulnerability in Ivanti Sentry before versions 9.20.2 and 10.0.2 or 10.1.0 that allows a local authenticated attacker to modify sensitive application components

The shortcomings have been addressed in the below versions –

  • Ivanti Cloud Services Application 5.0.3
  • Ivanti Connect Secure 22.7R2.4
  • Ivanti Policy Secure 22.7R1.2
  • Ivanti Sentry 9.20.2, 10.0.2, and 10.1.0
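
To check an asset inventory against the fixed releases listed above, the following added example (not from the article or from Ivanti) parses both the dotted and the `22.7R2.4` style version strings and reports hosts still below the fix. The inventory rows are constructed, and treating each Sentry release as the floor for its own major.minor branch is an assumption of the example.

```python
import re

# Fixed releases as listed in the article. Sentry has one fix per branch;
# treating each entry as the floor for its own major.minor branch is an
# assumption of this example.
FIXED = {
    "Cloud Services Application": ["5.0.3"],
    "Connect Secure": ["22.7R2.4"],
    "Policy Secure": ["22.7R1.2"],
    "Sentry": ["9.20.2", "10.0.2", "10.1.0"],
}

def parse_version(text):
    """Turn '5.0.3' or '22.7R2.4' into a tuple of ints that sorts correctly."""
    if not re.fullmatch(r"\d+(\.\d+)*(R\d+(\.\d+)*)?", text):
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(n) for n in re.findall(r"\d+", text))

def is_patched(product, installed):
    """True only if `installed` is confirmed at or above a listed fix."""
    have = parse_version(installed)
    fixes = sorted(parse_version(v) for v in FIXED[product])
    # Prefer the fix on the same major.minor branch when one is listed.
    same_branch = [f for f in fixes if f[:2] == have[:2]]
    if same_branch:
        return have >= same_branch[0]
    # Unlisted branch: patched only if newer than every listed fix;
    # anything else is returned as unpatched so it gets a manual look.
    return have > fixes[-1]

def triage(inventory):
    """Return the (host, product, version) rows that still need the update."""
    return [row for row in inventory if not is_patched(row[1], row[2])]

# Constructed sample inventory (hostnames and versions are made up).
INVENTORY = [
    ("csa-01", "Cloud Services Application", "5.0.2"),
    ("vpn-01", "Connect Secure", "22.7R2.3"),
    ("vpn-02", "Connect Secure", "22.7R2.4"),
    ("nac-01", "Policy Secure", "22.7R1.2"),
    ("sentry-01", "Sentry", "10.0.1"),
    ("sentry-02", "Sentry", "9.20.2"),
]

if __name__ == "__main__":
    for host, product, version in triage(INVENTORY):
        print(f"{host}: {product} {version} is below the fixed release")
```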

While Ivanti has emphasized that it is not aware of active exploitation of any of the aforementioned flaws, it is essential that users take quick action, given that several flaws in its products have been abused by state-sponsored attackers for malicious activities.
