CVE-2024-8963

CriticalKnown Exploited

Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to access restricted functionality.

ivanti·CWE-22·Published 2024-09-19

CVSS

9.1

EPSS

0.98

KEV

Yes

Exploits

cve.orgen

130 chars

Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to access restricted functionality.

NVDen

130 chars

Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to access restricted functionality.

Path Traversal en Ivanti CSA anterior al parche 4.6 519 permite que un atacante remoto no autenticado acceda a funcionalidad restringida.

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	9.4	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
3.1	Primary	NVD	9.1	3.9	5.2	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
3.1	Secondary	NVD	9.4	3.9	5.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L