Ivanti Releases Urgent Security Patches for CSA and Connect Secure Vulnerabilities
Ivanti has rolled out security patches to fix various severe weaknesses in its Cloud Services Application (CSA) and Connect Secure products that have the potential to res
Ivanti Releases Urgent Security Patches for CSA and Connect Secure Vulnerabilities
Ivanti has rolled out security patches to fix various severe weaknesses in its Cloud Services Application (CSA) and Connect Secure products that have the potential to result in privilege escalation and code execution. The vulnerabilities identified are listed below:
– CVE-2024-11639 (CVSS score: 10.0) – This is an authentication bypass flaw in the administrative web console of Ivanti CSA versions prior to 5.0.3, which enables an external party to gain unauthorised access
Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.
