Ivanti Cloud Services Appliance exec cookie command injection

Added: 03/26/2024

Background

Ivanti Cloud Services Appliance (CSA) is an appliance that connects the console and managed devices over the Internet.

Problem

Cloud Services Appliance 4.5 and 4.6 are affected by a vulnerability which could allow a remote unauthenticated attacker to inject arbitrary commands by sending a GET request with a specially crafted exec cookie.

Resolution

Upgrade to CSA 4.6 and apply patch 512.

References

https://forums.ivanti.com/s/article/SA-2021-12-02

Back to exploit index