About:
RedLegg will occasionally communicate vulnerabilities disclosed outside the usual release schedule to provide additional value to our customers. These emergency bulletins describe vulnerabilities or threats that we classify at the highest severity level and that warrant out-of-band emergency patching or mitigation action.
VULNERABILITIES
Ivanti Cloud Services Appliance (CSA) Authentication Bypass
Identifier: CVE-2024-11639
Exploit or POC: No known public proof of concept has been reported.
Update: CVE-2024-11639 – Ivanti Security Advisory
Description: CVE-2024-11639 is a critical authentication bypass vulnerability affecting Ivanti's Cloud Services Appliance (CSA) versions 5.0.2 and earlier. This vulnerability allows unauthenticated attackers to gain administrative privileges through the admin web console, potentially leading to complete system compromise. The flaw was responsibly disclosed, and there is no evidence of exploitation prior to disclosure.
Mitigation Recommendation: Patching is currently the only method of mitigation. Please update to Ivanti CSA version 5.0.3 or later, as listed in the Ivanti Security Advisory. Immediate patching is strongly recommended to protect against potential exploitation.
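Because patching is the only mitigation, the first defender task is finding every CSA still on 5.0.2 or earlier. The script below is an added example, not RedLegg's or Ivanti's code: it triages a constructed inventory (hostnames and versions are made up) against the fixed version named in the bulletin, comparing versions numerically so that 5.0.10 is not mistaken for an affected release.

```python
"""Triage a constructed CSA inventory against the affected range for CVE-2024-11639.

Affected: Ivanti CSA 5.0.2 and earlier. Fixed: 5.0.3 or later (per the bulletin).
Versions are compared component by component as integers, never as plain strings,
so that 5.0.10 is correctly treated as newer than 5.0.3.
"""
from typing import List, Tuple

FIXED_VERSION = "5.0.3"  # first fixed release named in the Ivanti advisory

# Constructed sample inventory (hostname, reported CSA version); not real hosts.
INVENTORY = [
    ("csa-prod-01", "5.0.2"),
    ("csa-prod-02", "5.0.3"),
    ("csa-dr-01", "4.6.0"),
    ("csa-lab-01", "5.0.10"),
]


def parse_version(v: str) -> Tuple[int, ...]:
    """Split '5.0.2' into (5, 0, 2). Only the leading digits of each component
    are used, so a build suffix such as '5.0.2-1' still parses as (5, 0, 2)."""
    parts = []
    for comp in v.strip().split("."):
        digits = ""
        for ch in comp:
            if not ch.isdigit():
                break
            digits += ch
        parts.append(int(digits) if digits else 0)
    return tuple(parts)


def is_affected(version: str, fixed: str = FIXED_VERSION) -> bool:
    """True if the appliance runs a version older than the first fixed release."""
    return parse_version(version) < parse_version(fixed)


def triage(inventory=INVENTORY) -> List[Tuple[str, str, str]]:
    """Return (host, version, status) rows; status is 'PATCH NOW' or 'fixed'."""
    return [(h, v, "PATCH NOW" if is_affected(v) else "fixed") for h, v in inventory]


if __name__ == "__main__":
    for host, version, status in triage():
        print(f"{host:12} {version:8} {status}")
```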