Vulnerability Details : CVE-2021-44529
Public exploit exists!
A code injection vulnerability in the Ivanti EPM Cloud Services Appliance (CSA) allows an unauthenticated user to execute arbitrary code with limited permissions (nobody).
Vulnerability category: Execute code
Products affected by CVE-2021-44529
- cpe:2.3:a:ivanti:endpoint_manager_cloud_services_appliance:*:*:*:*:*:*:*:*
- cpe:2.3:a:ivanti:endpoint_manager_cloud_services_appliance:4.6:-:*:*:*:*:*:*
CVE-2021-44529 is in the CISA Known Exploited Vulnerabilities Catalog
CISA vulnerability name:
Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) Code Injection Vulnerability
CISA required action:
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
CISA description:
Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) contains a code injection vulnerability that allows an unauthenticated user to execute malicious code with limited permissions (nobody).
Notes:
https://forums.ivanti.com/s/article/SA-2021-12-02?language=en_US; https://nvd.nist.gov/vuln/detail/CVE-2021-44529
Added on
2024-03-25
Action due date
2024-04-15
Exploit prediction scoring system (EPSS) score for CVE-2021-44529
97.19%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 100 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2021-44529
-
Ivanti Cloud Services Appliance (CSA) Command Injection
Disclosure Date: 2021-12-02First seen: 2023-09-11exploit/linux/http/ivanti_csa_unauth_rce_cve_2021_44529This module exploits a command injection vulnerability in the Ivanti Cloud Services Appliance (CSA) for Ivanti Endpoint Manager. A cookie based code injection vulnerability in the Cloud Services Appliance before `4.6.0-512` allows an unauthenticated user to e
CVSS scores for CVE-2021-44529
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST | |
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
134c704f-9b21-4f2e-91b3-4a467353bcc0 | 2024-07-03 |
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
CWE ids for CVE-2021-44529
-
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.Assigned by:
- nvd@nist.gov (Primary)
- support@hackerone.com (Secondary)
References for CVE-2021-44529
-
https://forums.ivanti.com/s/article/SA-2021-12-02
Security Advisory for Ivanti Endpoint Manager - Cloud Service Appliance - SA-2021-12-02Mitigation;Patch;Vendor Advisory
-
http://packetstormsecurity.com/files/170590/Ivanti-Cloud-Services-Appliance-CSA-Command-Injection.html
Ivanti Cloud Services Appliance (CSA) Command Injection ≈ Packet StormExploit;Third Party Advisory;VDB Entry
-
http://packetstormsecurity.com/files/166383/Ivanti-Endpoint-Manager-CSA-4.5-4.6-Remote-Code-Execution.html
Ivanti Endpoint Manager CSA 4.5 / 4.6 Remote Code Execution ≈ Packet StormExploit;Third Party Advisory;VDB Entry
Jump to