VDB

GCVE-VVD-NCSC-2024-379

GCVE-VVD-NCSC-2024-379
Advisory PublishedCVSS 7.2/10
Vulnetix · Advisory published September 20, 2024
Ivanti heeft kwetsbaarheden verholpen in Cloud Services Appliance v 4.6.
Download JSON Open in Console

Weaknesses (CWE)

CWE-78Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')CWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Risk Scores

CVSS 3.1
7.2/10
High · CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersionsPlatforms
ivanticloud_services_appliance

Aliases

CVE-2024-8190CVE-2024-8963

Transitive aliases

BDU:2024-07253VVD-CISA-2024-8963EUVD-2024-49510BDU:2024-07787CERTFR-2024-ALE-013VVD-CISA-2024-8190EUVD-2024-49004GHSA-w7rx-cmpf-jrppNCSC-2024-0379GHSA-qjx2-rcx8-qr2r

References

advisory
advisory
advisory
advisory
advisory

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›