Summary
Ivanti releases security updates that address 11 vulnerabilities, including one critical and nine high-severity vulnerabilities, in EPMM (Core), CSA (Cloud Services Appliance), Velocity License Server, Avalanche, Connect Secure, and Policy Sicuro products.
Note: The vendor states thatCVE-2024-9379 , CVE-2024-9380 e CVE-2024-9381 are being actively exploited online.
Risk
Restrictions Community Impact Estimate: SEVERE/RED (75.89/100) 1.
Type
- Write/Read Arbitrary Files
- Remote Code Execution
- Security Restriction Bypass
- Privilege Escalation
- Information Disclosure
- Denial of Service
- Authentication Bypass
Affected Products and Versions
Ivanti
- EPMM (Core), version 12.1.0.3 and earlier
- CSA (Cloud Services Appliance), version 5.0.1 and earlier
- Velocity License Server 5.1.x, versions prior to 5.1.2
- Avalanche, version 6.4.2.313 and earlier
- Connect Secure, version 22.7R2.1 and earlier
- Policy Secure, version 22.7R1.1 and earlier
Mitigation Actions
In line with vendor statements, it is recommended that vulnerable products be updated as per the security bulletins listed in the References section.
Unique Weakness Identifiers
The CVEs for the “Critical” and “High” severity weaknesses are listed below:
References
https://forums.ivanti.com/s/article/Ivanti-Avalanche-6-4-5-Security-Advisory?lingual=en_US
1 This estimate is made taking into account several parameters, including: CVSS, availability of patches/workarounds and PoC, diffusion of the affected software/devices in the reference community.
