CVE-2024-9379
MEDIUM KEV
Ivanti Endpoint Manager Cloud Services Appliance < 5.0.2 - Authenticated SQL Injection in Admin Web Console
Title source: llm
Exploitation Summary
CVE-2024-9379 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added October 9, 2024.
Description
SQL injection in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to run arbitrary SQL statements.
References (2)
Core References
Vendor Advisory
https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-CSA-Cloud-Services-Appliance-CVE-2024-9379-CVE-2024-9380-CVE-2024-9381
US Government Resource
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-9379
Scores
CVSS v3
6.5
EPSS
0.8168
EPSS Percentile
99.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
active
Automatable
no
Technical Impact
total
Details
CISA KEV
2024-10-09
VulnCheck KEV
2024-10-08
InTheWild.io
2024-10-09
ENISA EUVD
EUVD-2024-49897
CWE
CWE-89
Status
published
Products (1)
ivanti/endpoint_manager_cloud_services_appliance
< 5.0.2
Published
Oct 08, 2024
KEV Added
Oct 09, 2024
Tracked Since
Feb 18, 2026