The SonicWall Capture Labs threat research team became aware of an authenticated SQL injection vulnerability affecting Ivanti Cloud Service Appliances (CSA). Identified as CVE-2024-9379 and with a moderate score of 6.5 CVSSv3, the vulnerability is more severe than it initially appears due to reported exploitation attempts.
Recently, in its October security update, Ivanti announced, “We are aware of a limited number of customers running CSA 4.6 patch 518 and prior who have been exploited when CVE-2024-9379, CVE-2024-9380, or CVE-2024-9381 are chained with CVE-2024-8963,”. Labeled as a SQL Injection vulnerability and categorized as CWE-89, this vulnerability allows authenticated attackers to run arbitrary SQL statements and compromise Server Database.
Read more…
Source: SonicWall
Related:
- IBM Patches Reflected XSS in Worklight, MobileFirst
August 2, 2017
BM fixed a cross-site scripting vulnerability in two products last month that could have let an attacker execute malicious JavaScript code in a victim’s browser to steal sensitive information, or user credentials. The vulnerability (CVE-2017-1500) lingered in the products, Worklight and MobileFirst, for almost a year. Gabriele Gristina, a security consultant for the Italian information security ...
- Attack Uses Docker Containers To Hide, Persist, Plant Malware
July 27, 2017
A novel attack vector allows for adversaries to abuse the Docker API to hide malware on targeted systems, and even execute remote code. The proof of concept attack was developed by researchers at Aqua Security, and the technique was first demonstrated today at Black Hat by Sagie Dulce, senior security researcher, with Aqua Security. The attack works ...
- CowerSnail — Windows Backdoor from the Creators of SambaCry Linux Malware
July 27, 2017
Last month, we reported about a group of hackers exploiting SambaCry—a 7-year-old critical remote code execution vulnerability in Samba networking software—to hack Linux computers and install malware to mine cryptocurrencies. The same group of hackers is now targeting Windows machines with a new backdoor, which is a QT-based re-compiled version of the same malware used to ...
- Novel Attack Tricks Servers to Cache, Expose Personal Data
July 25, 2017
Researcher Omer Gil has devised a way to trick a web server into caching pages and exposing personal data. The so-called web caching attack targets sites that use content delivery network (CDN) services such as Akamai and Cloudflare. These services act as traffic load balancers and reverse proxies, and store files that are frequently retrieved in ...
- Apple Patches BroadPwn Bug in iOS 10.3.3
July 20, 2017
Apple released iOS 10.3.3 Wednesday, which serves as a cumulative update that includes patches for multiple vulnerabilities including the high-profile BroadPwn bug that allowed an attacker to seize control of a targeted iOS device. BroadPwn was revealed earlier this month as a flaw in Broadcom Wi-Fi chipsets used in Apple and Android devices. Apple said the ...
- Critical Code Injection Flaw In Gnome File Manager Leaves Linux Users Open to Hacking
July 19, 2017
A security researcher has discovered a code injection vulnerability in the thumbnail handler component of GNOME Files file manager that could allow hackers to execute malicious code on targeted Linux machines. Dubbed Bad Taste, the vulnerability (CVE-2017-11421) was discovered by German researcher Nils Dagsson Moskopp, who also released proof-of-concept code on his blog to demonstrate the ...