- Ivanti has released a security advisory and mitigations for a critical vulnerability in Ivanti CSA 4.6 (Cloud Services Appliance).
- CVE-2024-8963, an administrative bypass/path traversal in Ivanti CSA 4.6 before Patch 519, allows a remote unauthenticated attacker to access restricted functionality.
- Ivanti is aware of active exploitation of this vulnerability.
Mitigation / How do I stay secure?
Organisations that use Ivanti CSA 4.6 (Cloud Services Appliance) should follow the mitigation advice provided in the Ivanti Security Advisory below:
Ivanti advises that CSA 4.6 is End of Life and strongly recommends that its customers upgrade to CSA 5.0.