Ivanti CSA
cpe:2.3:a:ivanti:endpoint_manager_cloud_services_appliance:*:*:*:*:*:*:*
- <= 5.0.1
This vulnerability is being actively exploited in the wild.
A SQL injection vulnerability has been identified in the admin web console of Ivanti Cloud Services Appliance (CSA) versions prior to 5.0.2. This vulnerability allows remote authenticated attackers with admin privileges to execute arbitrary SQL statements. While exploitation of this vulnerability in CSA 5.0 has not been observed, it has been exploited in CSA 4.6 when chained with another vulnerability, leading to unauthorized remote code execution.
Exploitation of this vulnerability allows for arbitrary SQL execution, which could be used to manipulate the database or extract sensitive information.
Users are advised to upgrade to Ivanti Cloud Services Appliance version 5.0.2. Instructions for downloading this version are available in the Ivanti Cloud Services Application 5.0.2 Download Release Notes Patch History.