CVE-2024-9380CISA KEVEPSS p99.1%

CVE-2024-9380Ivanti Cloud Services Appliance (CSA) OS Command Injection Vulnerability

Ivanti / Cloud Services Appliance (CSA)

Description

Ivanti Cloud Services Appliance (CSA) contains an OS command injection vulnerability in the administrative console which can allow an authenticated attacker with application admin privileges to pass commands to the underlying OS.

Scoring

EPSS62.99% probability of exploitation · percentile 99.1% · 2026-06-18T12:00:27Z

CISA KEV entry

Added to KEV: 2024-10-09

(incoming)1

TypeTargetConfidenceTier
KEVEntryIvanti Cloud Services Appliance (CSA) OS Command Injection Vulnerabilitykev-cve-2024-93800%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
Ivanti Cloud Services Appliance OS Command Injection Vulnerability
CVE
Ivanti Cloud Services Appliance (CSA) SQL Injection Vulnerability
CVE
Ivanti Cloud Services Appliance (CSA) Path Traversal Vulnerability
CVE
Ivanti Connect Secure and Policy Secure Command Injection Vulnerability
CVE
Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) Code Injection Vulnerability
CVE
CVE-2026-9614
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.