## https://sploitus.com/exploit?id=SAINT:7ADBD105784DA740BD493D2B62B5FAA6
Added: 03/26/2024
### Background
Ivanti Cloud Services Appliance (CSA) is an appliance that connects the console and managed devices over the Internet.
### Problem
Cloud Services Appliance 4.5 and 4.6 are affected by a vulnerability which could allow a remote unauthenticated attacker to inject arbitrary commands by sending a GET request with a specially crafted `**exec**` cookie.
### Resolution
Upgrade to CSA 4.6 and apply patch 512.
### References
https://forums.ivanti.com/s/article/SA-2021-12-02