REDLEGG BLOG

Emergency Security Bulletin: Ivanti Cloud Services Appliance Authentication Bypass

12/12/24 11:21 AM  |  by RedLegg's Cyber Threat Intelligence Team

About:

RedLegg will occasionally communicate vulnerabilities released outside the usual release schedule to provide additional value to our customers. These emergency bulletins describe vulnerabilities or threats we classify as the highest severity level and warrant out-of-band emergency patching or mitigation action.


VULNERABILITIES

Ivanti Cloud Services Appliance (CSA) Authentication Bypass

Identifier: CVE-2024-11639
Exploit or POC: No known public proof of concept has been reported.
Update: CVE-2024-11639 – Ivanti Security Advisory

Description: CVE-2024-11639 is a critical authentication bypass vulnerability affecting Ivanti's Cloud Services Appliance (CSA) versions 5.0.2 and earlier. This vulnerability allows unauthenticated attackers to gain administrative privileges through the admin web console, potentially leading to complete system compromise. The flaw was responsibly disclosed, and there is no evidence of exploitation prior to disclosure.

Mitigation Recommendation: Patching is currently the only method of mitigation. Please update to Ivanti CSA version 5.0.3 or later, as listed in the Ivanti Security Advisory. Immediate patching is strongly recommended to protect against potential exploitation.
