CVE-2024-11773

Name of the Vulnerable Software and Affected Versions: Ivanti Cloud Services Appliance versions prior to 5.0.3

Description: The issue is related to a lack of protection against SQL query structure exploitation in the admin web console of Ivanti Cloud Services Appliance. This allows a remote authenticated attacker with admin privileges to execute arbitrary SQL statements.

Recommendations: For versions prior to 5.0.3, update to version 5.0.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the admin web console to minimize the risk of exploitation.