Zero-day vulnerability in Ivanti Cloud Services Appliance (CSA)

Path traversal
CVE-2024-9381

Vulnerability details

Advisory: SB2024100852 - Multiple vulnerabilities in Ivanti Cloud Services Appliance (CSA)

Vulnerable component: Ivanti Cloud Services Appliance (CSA)

CVE-ID: CVE-2024-9381

CVSSv3 score: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Description:

The vulnerability allows a remote user to perform directory traversal attacks.

The vulnerability exists due to an input validation error when processing directory traversal sequences. A remote user can send a specially crafted HTTP request and compromise the affected system.

Note, the vulnerability is being actively exploited in the wild against Ivanti CSA 4.6 users, according to the vendor's advisory. Vulnerability exploitation was chained with the previously addressed vulnerability #VU97617 (CVE-2024-8963).
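The weakness class above (CWE-22) comes down to a request path being joined onto a base directory without confirming that the resolved result still lies inside it. The following is an added illustration, not Ivanti's code and not a description of how CSA handles paths: it shows a generic file-serving handler's safe path resolution (repeated percent-decoding, normalisation, and a common-prefix check against the base directory) alongside a small detector that flags traversal sequences in web-server access log lines. The base directory, endpoint names and log lines are constructed for the example.

```python
"""Defensive handling of CWE-22 path traversal: safe resolution plus log detection.

Added example; the paths, endpoints and log lines are constructed and do not
describe the Ivanti CSA product.
"""
import posixpath
import re
import urllib.parse
from typing import List, Optional, Tuple


def decode_path(raw: str, rounds: int = 3) -> str:
    """Percent-decode repeatedly so double-encoded sequences (%252e) are not missed."""
    current = raw
    for _ in range(rounds):
        decoded = urllib.parse.unquote(current)
        if decoded == current:
            break
        current = decoded
    return current


def resolve_under_base(base_dir: str, requested: str) -> Optional[str]:
    """Return the absolute path for `requested` if it stays inside `base_dir`, else None.

    The check is done on the normalised result, not on the raw string, so
    "..", encoded dots, backslashes and absolute prefixes are all handled by
    the same rule: the resolved path must share `base_dir` as its common prefix
    at a directory boundary (commonpath avoids the /files vs /files2 trap).
    """
    decoded = decode_path(requested).replace("\\", "/")
    if "\x00" in decoded:
        return None  # embedded NUL can truncate the path in native code
    relative = decoded.lstrip("/")  # an absolute request must not replace the base
    base_norm = posixpath.normpath(base_dir)
    candidate = posixpath.normpath(posixpath.join(base_norm, relative))
    if posixpath.commonpath([base_norm, candidate]) != base_norm:
        return None
    return candidate


def has_traversal(raw_path: str) -> bool:
    """True if the decoded request path contains a '..' segment."""
    decoded = decode_path(raw_path).replace("\\", "/")
    return any(segment == ".." for segment in decoded.split("/"))


# Constructed access-log lines (Common Log Format) for the detector below.
SAMPLE_ACCESS_LOG = [
    '203.0.113.10 - - [10/Oct/2024:12:00:00 +0000] "GET /index.php HTTP/1.1" 200 512',
    '203.0.113.10 - - [10/Oct/2024:12:00:01 +0000] "GET /static/../../etc/passwd HTTP/1.1" 403 0',
    '198.51.100.7 - - [10/Oct/2024:12:00:02 +0000] "GET /static/..%2F..%2Fetc%2Fpasswd HTTP/1.1" 200 1024',
    '198.51.100.7 - - [10/Oct/2024:12:00:03 +0000] "GET /static/%252e%252e/%252e%252e/etc/passwd HTTP/1.1" 200 1024',
    '192.0.2.55 - - [10/Oct/2024:12:00:04 +0000] "GET /static/app.css HTTP/1.1" 200 2048',
]

_CLF = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3})')


def flag_traversal_requests(log_lines: List[str]) -> List[Tuple[str, str, str]]:
    """Return (client_ip, path, status) for requests whose path carries a traversal.

    A 200 next to a traversal path is the line worth escalating: it suggests the
    server did not reject the request.
    """
    hits = []
    for line in log_lines:
        match = _CLF.match(line)
        if not match:
            continue
        client_ip, _method, path, status = match.groups()
        if has_traversal(path):
            hits.append((client_ip, path, status))
    return hits


if __name__ == "__main__":
    print(resolve_under_base("/var/www/files", "reports/q3.pdf"))
    print(resolve_under_base("/var/www/files", "..%2F..%2Fetc%2Fpasswd"))
    for hit in flag_traversal_requests(SAMPLE_ACCESS_LOG):
        print("traversal attempt:", hit)
```

Resolving first and checking the normalised result is what makes the check robust: a blocklist of literal `../` strings misses encoded and double-encoded variants, whereas the common-prefix test does not care how the segment was spelled.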

External links:

https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-CSA-Cloud-Services-Appliance-CVE-2024-9379-CVE-2024-9380-CVE-2024-9381