CVE-2024-47908
Published 2025-02-11
Priority P259 · high · 7.2 · CVSS 3.1
AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS: 21.98% (97.4th percentile)
OS command injection in the admin web console of Ivanti CSA before version 5.0.5 allows a remote authenticated attacker with admin privileges to achieve remote code execution.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ivanti | cloud_services_appliance | < 5.0.5 | 5.0.5 |
Detection & IOCs (extracted from sources)
- Target product is the Ivanti CSA (Cloud Services Appliance) admin web console; monitor for OS command injection attempts by authenticated admin users in the admin web console interface.
- Exploitation requires a remote authenticated attacker with admin privileges; scope is limited to admin console users, but RCE impact is critical (CVSS 9.1).
- Affected versions are Ivanti CSA prior to 5.0.5; upgrade to 5.0.5 or later to remediate.
Ivanti
Ivanti Security Advisory: CVE-2024-47908
vendor_ivanti·2025-02-11·CVSS 9.1
CVE IDs: CVE-2024-47908
CVSS Base Score: 9.1
Severity: CRITICAL
CWEs: CWE-78
GHSA
GHSA-jgrg-xx2q-5xgc: OS command injection in the admin web console of Ivanti CSA before version 5
ghsa_unreviewed·2025-02-11
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2025-02-11
Published