## https://sploitus.com/exploit?id=SAINT:692885FA6650B32EC4B48FF9BAE9AFBB
Added: 03/26/2024
### Background
Ivanti Cloud Services Appliance (CSA) is an appliance that connects the console and managed devices over the Internet.
### Problem
Cloud Services Appliance 4.5 and 4.6 are affected by a vulnerability which could allow a remote unauthenticated attacker to inject arbitrary commands by sending a GET request with a specially crafted `**exec**` cookie.
### Resolution
Upgrade to CSA 4.6 and apply patch 512.
### References
https://forums.ivanti.com/s/article/SA-2021-12-02