COOEY // HUBcompliance · community · intelligence

FAIL › dossier

Cloud Services Appliance (CSA) product

3
failure events
0
zero-days
2
RCEs
3
on KEV
0
critical
65
worst shame

Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.

Failure history 3 events

DateEventSevFlagsShameSummary
2024-10-09 CVE-2024-9380 high ⚡RCE ⌖KEV 65 Ivanti Cloud Services Appliance (CSA) contains an OS command injection vulnerability in the administrative console which can allow an authenticated attacker with application admin privileges to pass commands to the underlying OS.
2024-09-19 CVE-2024-8963 high ⚡RCE ⌖KEV 65 Ivanti Cloud Services Appliance (CSA) contains a path traversal vulnerability that could allow a remote, unauthenticated attacker to access restricted functionality. If CVE-2024-8963 is used in conjunction with CVE-2024-8190, an attacker could bypass admin authentication and exec
2024-10-09 CVE-2024-9379 high ⌖KEV 50 Ivanti Cloud Services Appliance (CSA) contains a SQL injection vulnerability in the admin web console in versions prior to 5.0.2, which can allow a remote attacker authenticated as administrator to run arbitrary SQL statements.