Advanced SQL Injection Vulnerability in Ivanti CSA
CVE-2024-11773
7.2HIGH
What is CVE-2024-11773?
A vulnerability exists in the admin web console of the Ivanti Cloud Services Application prior to version 5.0.3, wherein remote authenticated attackers with admin privileges can exploit an SQL injection flaw. This weakness allows attackers to execute arbitrary SQL statements against the underlying database, potentially compromising data integrity and security. Ensuring timely updates and implementing strict access controls are essential measures to mitigate risks associated with this vulnerability.
Affected Version(s)
Cloud Services Application 5.0.3