Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Endpoint_manager_cloud_services_appliance
(Ivanti)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 5 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-12-08 | CVE-2021-44529 | A code injection vulnerability in the Ivanti EPM Cloud Services Appliance (CSA) allows an unauthenticated user to execute arbitrary code with limited permissions (nobody). | Endpoint_manager_cloud_services_appliance | 9.8 | ||
| 2024-10-08 | CVE-2024-9381 | Path traversal in Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to bypass restrictions. | Endpoint_manager_cloud_services_appliance | 7.2 | ||
| 2024-10-08 | CVE-2024-9379 | SQL injection in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to run arbitrary SQL statements. | Endpoint_manager_cloud_services_appliance | 7.2 | ||
| 2024-10-08 | CVE-2024-9380 | An OS command injection vulnerability in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to obtain remote code execution. | Endpoint_manager_cloud_services_appliance | 7.2 | ||
| 2024-09-19 | CVE-2024-8963 | Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to access restricted functionality. | Endpoint_manager_cloud_services_appliance | 9.1 |