Ivanti has launched safety updates to deal with a number of essential flaws in its Cloud Providers Utility (CSA) and Join Safe merchandise that might result in privilege escalation and code execution.
The checklist of vulnerabilities is as follows –
- CVE-2024-11639 (CVSS rating: 10.0) – An authentication bypass vulnerability within the admin net console of Ivanti CSA earlier than 5.0.3 that permits a distant unauthenticated attacker to realize administrative entry
- CVE-2024-11772 (CVSS rating: 9.1) – A command injection vulnerability within the admin net console of Ivanti CSA earlier than model 5.0.3 that permits a distant authenticated attacker with admin privileges to attain distant code execution
- CVE-2024-11773 (CVSS rating: 9.1) – An SQL injection vulnerability within the admin net console of Ivanti CSA earlier than model 5.0.3 that permits a distant authenticated attacker with admin privileges to run arbitrary SQL statements
- CVE-2024-11633 (CVSS rating: 9.1) – An argument injection vulnerability in Ivanti Join Safe earlier than model 22.7R2.4 that permits a distant authenticated attacker with admin privileges to attain distant code execution
- CVE-2024-11634 (CVSS rating: 9.1) – A command injection vulnerability in Ivanti Join Safe earlier than model 22.7R2.3 and Ivanti Coverage Safe earlier than model 22.7R1.2 that permits a distant authenticated attacker with admin privileges to attain distant code execution
- CVE-2024-8540 (CVSS rating: 8.8) – An insecure permissions vulnerability in Ivanti Sentry earlier than variations 9.20.2 and 10.0.2 or 10.1.0 that permits a neighborhood authenticated attacker to switch delicate software elements
The shortcomings have been addressed within the beneath variations –
- Ivanti Cloud Providers Utility 5.0.3
- Ivanti Join Safe 22.7R2.4
- Ivanti Coverage Safe 22.7R1.2
- Ivanti Sentry 9.20.2, 10.0.2, and 10.1.0
Whereas Ivanti has emphasised that it is not conscious of energetic exploitation of any of the aforementioned flaws, it is crucial that customers take fast motion provided that a number of flaws in its merchandise have been abused by state-sponsored attackers for malicious actions.
