CVE-2024-9381

ENISA EUVD: EUVD-2024-49899 ↗

✓ Confirmed 0-Day

Triaged: March 5, 2026 2 articles Published: 2024-10-08

VulnLookup ↗ NVD ↗ EUVD ↗ MITRE ↗

EPSS Score

Source: FIRST.org · 2026-05-23

1.32%

probability

This CVE has a 1.32% probability of being exploited in the next 30 days.

0% Top 80.1th percentile of all CVEs 100%

CVSS v3.1

Source: VulnerabilityLookup (CIRCL)

7.2

HIGH

Attack Vector

Network

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Description

VulnerabilityLookup (CNA)

Path traversal in Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to bypass restrictions.

Affected Products

Ivanti

CSA (Cloud Services Appliance)

5.0.2

ivanti

endpoint manager cloud services appliance

Ivanti

CSA (Cloud Services Appliance)

patch: 5.0.2

Attack Intelligence

CWE-22 · Path Traversal CWE-664 · Improper Control of a Resource Through its Lifetime CWE-706 · Use of Incorrectly-Resolved Name or Reference

https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-CSA-Cloud-Services-Appliance-CVE-2024-9379-CVE-2024-9380-CVE-2024-9381

Signal Intelligence

Confidenceⓘ

85%

EPSS 1.32%

CVSS v3.1 7.2

Mentions 2

Last Seen Oct 22, 2024

CNA Information

CNA Assigner

ivanti

Analyst Note

CVE-2024-9381 is explicitly named in BleepingComputer's reporting of 'three more CSA zero-days exploited in attacks' with active exploitation documented. Published October 8, 2024, and confirmed exploited in the wild by mid-October 2024 (per CERT-FR alert dated October 22, 2024), indicating exploitation occurred contemporaneously with or before patch availability for this recently disclosed vulnerability.

Triage Info

Decided atMar 05, 2026

Published DateOct 08, 2024