CVE-2024-9379
Ivanti Cloud Services Appliance (CSA) SQL Injection Vulnerability
⚠ KEVEPSS 79.3%
Description
Ivanti Cloud Services Appliance (CSA) contains a SQL injection vulnerability in the admin web console in versions prior to 5.0.2, which can allow a remote attacker authenticated as administrator to run arbitrary SQL statements.
How to fix CVE-2024-9379
No package mapping is available — consult the references below for vendor-specific guidance.
Is CVE-2024-9379 being exploited?
Yes — CVE-2024-9379 is on the CISA Known Exploited Vulnerabilities (KEV) catalog. Patch immediately.
Affected packages (0)
No package mapping in OSV.