Ivanti has issued a security advisory regarding three critical vulnerabilities in its Cloud Services Application, including an authentication bypass flaw rated CVSS 10.
The vulnerabilities allow unauthorized users to gain admin privileges, execute remote code, or run arbitrary SQL commands, posing a significant threat to organizational security.
Ivanti advisory stated there are no known exploitation incidents reported prior to these vulnerabilities being disclosed, but customers should upgrade to version 5.0.3.
The flaws primarily target the admin web console of Ivanti CSA, which has previously prompted concern from cybersecurity authorities like CISA.
Collection
[
|
...
]