CVE-2024-47908

Critical

Published: 11 February 2025

Published

11 February 2025

Modified

20 February 2025

KEV Added

—

Patch

—

CVSS Score 9.1 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

EPSS Score 0.4397 97.6th percentile

Risk Priority 45 60% EPSS · 20% KEV · 20% CVSS

Description

OS command injection in the admin web console of Ivanti CSA before version 5.0.5 allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Security Summary

CVE-2024-47908 is an OS command injection vulnerability (CWE-78) present in the admin web console of Ivanti Cloud Services Appliance (CSA) versions before 5.0.5. This flaw enables remote code execution and carries a CVSS v3.1 base score of 9.1 (AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H). The vulnerability was published on 2025-02-11.

A remote authenticated attacker possessing administrative privileges can exploit this vulnerability through the admin web console to inject and execute arbitrary operating system commands, resulting in remote code execution on the affected appliance.

Ivanti has published a security advisory addressing CVE-2024-47908, available at https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Cloud-Services-Application-CSA-CVE-2024-47908-CVE-2024-11771, which covers mitigation steps including upgrading to Ivanti CSA version 5.0.5 or later.

Details

CWE(s): CWE-78

Affected Products

ivanti

cloud services appliance

≤ 5.0.5

References

https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Cloud-Services-Application-CSA-CVE-2024-47908-CVE-2024-11771
Vendor Advisory · 3c1d8aa1-5a33-4ea4-8992-aadd6440af75