CVE-2024-9379CISA KEVEPSS p98.6%

CVE-2024-9379Ivanti Cloud Services Appliance (CSA) SQL Injection Vulnerability

Ivanti / Cloud Services Appliance (CSA)

Description

Ivanti Cloud Services Appliance (CSA) contains a SQL injection vulnerability in the admin web console in versions prior to 5.0.2, which can allow a remote attacker authenticated as administrator to run arbitrary SQL statements.

Scoring

EPSS43.58% probability of exploitation · percentile 98.6% · 2026-06-18T12:00:27Z

CISA KEV entry

Added to KEV: 2024-10-09

(incoming)1

TypeTargetConfidenceTier
KEVEntryIvanti Cloud Services Appliance (CSA) SQL Injection Vulnerabilitykev-cve-2024-93790%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
Ivanti Cloud Services Appliance (CSA) OS Command Injection Vulnerability
CVE
Ivanti Cloud Services Appliance OS Command Injection Vulnerability
CVE
Ivanti Endpoint Manager (EPM) SQL Injection Vulnerability
CVE
Ivanti Cloud Services Appliance (CSA) Path Traversal Vulnerability
CVE
CVE-2026-8111
CVE
Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) Code Injection Vulnerability
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.