Ivanti Endpoint Manager Cloud Services Appliance
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Ivanti Endpoint Manager Cloud Services Appliance.
By the Year
In 2026 there have been 0 vulnerabilities in Ivanti Endpoint Manager Cloud Services Appliance. Endpoint Manager Cloud Services Appliance did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 5 | 7.50 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 1 | 9.80 |
It may take a day or so for new Endpoint Manager Cloud Services Appliance vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Ivanti Endpoint Manager Cloud Services Appliance Security Vulnerabilities
Ivanti CSA Admin Web Console OS Command Injection (<=5.0.1)
CVE-2024-9380
7.2 - High
- October 08, 2024
An OS command injection vulnerability in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to obtain remote code execution.
Command Injection
SQLi in Ivanti CSA Admin Console <5.0.2
CVE-2024-9379
6.5 - Medium
- October 08, 2024
SQL injection in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to run arbitrary SQL statements.
SQL Injection
Path traversal in Ivanti CSA pre 5.0.2 (auth admin)
CVE-2024-9381
7.2 - High
- October 08, 2024
Path traversal in Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to bypass restrictions.
Directory traversal
Unauthenticated Remote Path Traversal in Ivanti CSA before 4.6 Patch 519
CVE-2024-8963
9.4 - Critical
- September 19, 2024
Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to access restricted functionality.
Directory traversal
OS Command Injection - Ivanti Cloud Services Appliance 4.6 Patch 518 and prior
CVE-2024-8190
7.2 - High
- September 10, 2024
An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518 and before allows a remote authenticated attacker to obtain remote code execution. The attacker must have admin level privileges to exploit this vulnerability.
Shell injection
A code injection vulnerability in the Ivanti EPM Cloud Services Appliance (CSA)
CVE-2021-44529
9.8 - Critical
- December 08, 2021
A code injection vulnerability in the Ivanti EPM Cloud Services Appliance (CSA) allows an unauthenticated user to execute arbitrary code with limited permissions (nobody).
Code Injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Ivanti Endpoint Manager Cloud Services Appliance or by Ivanti? Click the Watch button to subscribe.
