CVE-2024-8963: Ivanti Cloud Services Appliance (CSA) Path Traversal
Ivanti Cloud Services Appliance (CSA) Path Traversal Vulnerability. Ivanti Cloud Services Appliance (CSA) contains a path traversal vulnerability that could allow a remote, unauthenticated attacker to access restricted functionality. If CVE-2024-8963 is used in conjunction with CVE-2024-8190, an attacker could bypass admin authentication and execute arbitrary commands on the appliance.
- CISA KEV-listed (remediation due 2024-10-10)
- EPSS 94.2% (99.9% percentile)