Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Endpoint_manager
(Ivanti)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 34 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-09-10 | CVE-2024-8322 | Weak authentication in Patch Management of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker to access restricted functionality. | Endpoint_manager | 8.8 | ||
| 2024-09-12 | CVE-2024-29847 | Deserialization of untrusted data in the agent portal of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to achieve remote code execution. | Endpoint_manager | 9.8 | ||
| 2024-09-12 | CVE-2024-32842 | An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution. | Endpoint_manager | 7.2 | ||
| 2024-09-12 | CVE-2024-32840 | An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution. | Endpoint_manager | 7.2 | ||
| 2024-09-12 | CVE-2024-32843 | An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution. | Endpoint_manager | 7.2 | ||
| 2024-09-12 | CVE-2024-32846 | An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution. | Endpoint_manager | 7.2 | ||
| 2024-09-12 | CVE-2024-32845 | An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution. | Endpoint_manager | 7.2 | ||
| 2024-09-12 | CVE-2024-32848 | An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution. | Endpoint_manager | 7.2 | ||
| 2024-09-12 | CVE-2024-34783 | An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution. | Endpoint_manager | 7.2 | ||
| 2024-09-12 | CVE-2024-34779 | An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution. | Endpoint_manager | 7.2 |