Ivanti Product Security Update Advisory (CVE-2024-8963)

Sep 20 2024

Overview

An update has been released to address vulnerabilities in Ivanti products. Users of the affected versions are advised to update to the latest version.

Affected Products

CVE-2024-8963

Ivanti Cloud Services Appliance (CSA) versions: 4.6 (all versions on or below Patch 519)

Resolved Vulnerabilities

Vulnerability in Ivanti CSA via path traversal that allows remote, unauthenticated attackers to access restricted functionality (CVE-2024-8963)

Vulnerability Patches

The following product-specific Vulnerability Patches have been made available in the latest updates. If you are using an affected version, Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2024-8963

Ivanti Cloud Services Appliance (CSA) version: 5.0 (Recommended)
Ivanti Cloud Services Appliance (CSA) version: 4.6 Patch 519

References

[1] CVE-2024-8963 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-8963

[2] Security Advisory Ivanti CSA 4.6 (Cloud Services Appliance) (CVE-2024-8963)

https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-CSA-4-6-Cloud-Services-Appliance-CVE-2024-8963?language=en_US

Ivanti Product Security Update Advisory (CVE-2024-8963)

Microsoft Edge browser security update advisory

FreeBSD Vulnerability Security Update Advisory (CVE-2024-41721)

Tags:

Microsoft Edge browser security update advisory

FreeBSD Vulnerability Security Update Advisory (CVE-2024-41721)