CRITICAL✓ PATCH🇵🇱 Wersja polska

CVE-2024-11639

CVSS 10.0v3.1pub. 2024-12-10upd. 2025-01-17

An authentication bypass in the admin web console of Ivanti CSA before 5.0.3 allows a remote unauthenticated attacker to gain administrative access

🤖 AI Analysis
How it works

The vulnerability classified as CWE-288 (authentication bypass using alternate path) and CWE-306 (missing authentication for critical function) involves the ability to bypass authentication mechanisms in the administrative web console. An attacker can gain access to protected administrative functions without providing any credentials by exploiting an alternative path or missing identity verification mechanism. The attack is possible remotely over the network without requiring prior access to the system.

Impact

An attacker gains full administrative privileges to Ivanti CSA, enabling arbitrary configuration modifications, access to sensitive data, and potential compromise of confidentiality, integrity, and availability of the entire system.

Mitigation & patch

Ivanti CSA must be immediately updated to version 5.0.3 or later. Detailed information is available in the official Ivanti security bulletin at the address indicated in the references. Until the patch is deployed, it is recommended to restrict access to the administrative web console only to trusted IP addresses using a firewall.

Who is affected

Ivanti Cloud Services Appliance (CSA) in versions before 5.0.3

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
  • Ivanti Cloud Services Appliance

    APP
    Ivanti
    < 5.0.3
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
Auth Bypass
CWE
References

Related vulnerabilities

CVE-2024-47908CRITICAL9.1PL ✓ten sam produkt

OS command injection w Ivanti CSA — RCE dla admina

CVE-2024-11772CRITICAL9.1PL ✓ten sam produkt

Command injection w konsoli administracyjnej Ivanti CSA umożliwia RCE

CVE-2024-11773CRITICAL9.1PL ✓ten sam produkt

SQL injection w konsoli administracyjnej Ivanti CSA — zdalne wykonanie zapytań SQL

CVE-2024-8190HIGH7.2⚠ KEVten sam produkt

An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518 and before all...

CVE-2025-22460HIGH7.8ten sam produkt

Default credentials in Ivanti Cloud Services Application before version 5.0.5 allows a local authenticated att...