CVE DATABASE / CVE-2024-9379
CVE-2024-9379
Ivanti Cloud Services Appliance (CSA) SQL Injection Vulnerability
Confirmed exploited in the wild. Added 2024-10-09.
Federal remediation due 2024-10-30.
Required action: As Ivanti CSA 4.6.x has reached End-of-Life status, users are urged to remove CSA 4.6.x from service or upgrade to the 5.0.x line, or later, of supported solution.
Summary
SQL injection in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to run arbitrary SQL statements.
CVSS 3.1 breakdown
| Base score | 6.5 (MEDIUM) |
| Vector | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H |
| Attack vector | NETWORK |
| Attack complexity | LOW |
| Privileges required | HIGH |
| User interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality | NONE |
| Integrity | HIGH |
| Availability | HIGH |
Weakness type (CWE)
Affected products
Use our free CVE Lookup tool for the latest NVD record, or browse the full CISA KEV catalog.
References
- https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-CSA-Cloud-Services-Appliance-CVE-2024-9379-CVE-2024-9380-CVE-2024-9381
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-9379
Data: NIST NVD + CISA KEV. NVD last modified 2025-10-24. Always verify against the vendor advisory before acting.