CVE-2024-8190

{"id": "CVE-2024-8190", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.2}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.2}]}, "published": "2024-09-10T21:15:14.697", "references": [{"url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Cloud-Service-Appliance-CSA-CVE-2024-8190", "tags": ["Vendor Advisory"], "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75"}, {"url": "https://www.cisa.gov/news-events/alerts/2024/09/13/ivanti-releases-security-update-cloud-services-appliance", "tags": ["Third Party Advisory", "US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "description": [{"lang": "en", "value": "CWE-78"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-78"}]}], "descriptions": [{"lang": "en", "value": "An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518 and before allows a remote authenticated attacker to obtain remote code execution. The attacker must have admin level privileges to exploit this vulnerability."}, {"lang": "es", "value": "Una vulnerabilidad de inyecci\u00f3n de comandos del sistema operativo en las versiones 4.6, parche 518 y anteriores de Ivanti Cloud Services Appliance permite que un atacante autenticado de forma remota obtenga la ejecuci\u00f3n remota de c\u00f3digo. El atacante debe tener privilegios de nivel de administrador para aprovechar esta vulnerabilidad."}], "lastModified": "2024-11-26T19:55:46.433", "cisaActionDue": "2024-10-04", "cisaExploitAdd": "2024-09-13", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ivanti:cloud_services_appliance:4.6:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3B63CA83-3DB3-4670-878E-17A54586B25E"}, {"criteria": "cpe:2.3:a:ivanti:cloud_services_appliance:4.6:patch_518:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "61C0BF44-691D-4811-BE9E-FB9B6CC856B9"}], "operator": "OR"}]}], "sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "cisaRequiredAction": "As Ivanti CSA has reached End-of-Life status, users are urged to remove CSA 4.6.x from service or upgrade to the 5.0.x line of supported solutions, as future vulnerabilities on the 4.6.x version of CSA are unlikely to receive future security updates.", "cisaVulnerabilityName": "Ivanti Cloud Services Appliance OS Command Injection Vulnerability"}