CVE-2024-11772: 
Ivanti Cloud Services Appliance vulnerability analysis and mitigation

A command injection vulnerability (CVE-2024-11772) was discovered in the admin web console of Ivanti Cloud Services Application (CSA) affecting versions before 5.0.3. The vulnerability was disclosed on December 10, 2024, and impacts Ivanti CSA's administrative interface. This security flaw allows remote authenticated attackers with administrative privileges to achieve remote code execution on affected systems (NVD, Hacker News).

The vulnerability has been assigned a Critical severity rating with a CVSS v3.1 base score of 9.1 by Ivanti, while NIST assigned it a High severity score of 7.2. The vulnerability is classified as CWE-77 (Improper Neutralization of Special Elements used in a Command), indicating a command injection flaw. The attack vector is network-based (AV:N) with low attack complexity (AC:L), requiring high privileges (PR:H) and no user interaction (UI:N) (NVD).

If successfully exploited, this vulnerability allows an authenticated attacker with administrative privileges to execute arbitrary code on the affected system. This could potentially lead to complete system compromise, allowing attackers to gain full control over the Ivanti CSA installation (Hacker News).

Ivanti has released version 5.0.3 of the Cloud Services Application to address this vulnerability. Organizations are strongly advised to upgrade to this version immediately to mitigate the risk of potential exploitation (Hacker News).