cbcvebase.
CVE-2024-11639
published 2024-12-10

CVE-2024-11639: An authentication bypass in the admin web console of Ivanti CSA before 5.0.3 allows a remote unauthenticated attacker to gain administrative access

Priority: P2 · 74 · critical · 9.8 (CVSS 3.1)
CVSS 3.1 vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 4.81% (90.8th percentile)

Affected (1 range)

Vendor    Product                    Version range    Fixed in
ivanti    cloud_services_appliance   < 5.0.3          5.0.3

Detection & IOCs (extracted from sources)

  • Target product is the Ivanti CSA (Cloud Services Application) admin web console, versions before 5.0.3; any unauthenticated request reaching the admin web console that results in administrative access should be treated as suspicious.
  • The vulnerability affects Ivanti CSA versions before 5.0.3 only; upgrading to 5.0.3 or later remediates the authentication bypass (CWE-288/CWE-306). The source gives a CVSS Base Score of 10.0 (CRITICAL), indicating that full unauthenticated remote exploitation is possible with no user interaction.