Unrated severityCISA KEVNVD Advisory· Published Oct 8, 2024· Updated Oct 21, 2025

CVE-2024-9380

Description

An OS command injection vulnerability in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to obtain remote code execution.

Affected products

Ivanti/CSA (Cloud Services Appliance)v5
Range: 5.0.2

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

forums.ivanti.com/s/article/Security-Advisory-Ivanti-CSA-Cloud-Services-Appliance-CVE-2024-9379-CVE-2024-9380-CVE-2024-9381mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.070
exploit	0.000
kev	0.120
patch	0.000
ransomware	0.000