Federal agencies must patch as soon as possible

Federal agencies must patch as soon as possible

a month ago
Anonymous $genLyrxdTY

https://www.bleepingcomputer.com/news/security/ivanti-warns-of-another-critical-csa-flaw-exploited-in-attacks/

Today, Ivanti warned that threat actors are exploiting another Cloud Services Appliance (CSA) security flaw in attacks targeting a limited number of customers.

Tracked as CVE-2024-8963, this admin bypass vulnerability is caused by a path traversal weakness. Successful exploitation allows remote unauthenticated attackers to access restricted functionality on vulnerable CSA systems (used as gateways to provide enterprise users secure access to internal network resources).

Federal agencies must patch as soon as possible

Thu Sep 19, 7:28pm UTC
https://www.bleepingcomputer.com/news/security/ivanti-warns-of-another-critical-csa-flaw-exploited-in-attacks/ > Today, Ivanti warned that threat actors are exploiting another Cloud Services Appliance (CSA) security flaw in attacks targeting a limited number of customers. > Tracked as CVE-2024-8963, this admin bypass vulnerability is caused by a path traversal weakness. Successful exploitation allows remote unauthenticated attackers to access restricted functionality on vulnerable CSA systems (used as gateways to provide enterprise users secure access to internal network resources).