Lucene search
HackeroneCVE-2024-22026HistoryMay 22, 2024 - 11:15 p.m.
CVE-2024-22026
2024-05-2223:15:08
hackerone
web.nvd.nist.gov
39
epmm
local privilege escalation
bypass shell restriction
arbitrary commands
authenticated user
nvd
CVSS3
6.7
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
AI Score
7
Confidence
High
EPSS
0
Percentile
9.0%
A local privilege escalation vulnerability in EPMM before 12.1.0.0 allows an authenticated local user to bypass shell restriction and execute arbitrary commands on the appliance.
Affected configurations
Node
ivantiendpoint_manager_mobileRange<12.1.0.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ivanti | endpoint_manager_mobile | * | cpe:2.3:a:ivanti:endpoint_manager_mobile:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"vendor": "Ivanti",
"product": "EPMM",
"versions": [
{
"version": "12.1.0.0",
"status": "affected",
"lessThan": "12.1.0.0",
"versionType": "semver"
},
{
"version": "12.0.0.0",
"status": "affected",
"lessThan": "12.0.0.0",
"versionType": "semver"
},
{
"version": "11.12.0.1",
"status": "affected",
"lessThan": "11.12.0.1",
"versionType": "semver"
}
]
}
]Related
vulnrichment
vulnrichment
CVE-2024-22026
2024-05-22 22:55:11
githubexploit
githubexploit
Exploit for CVE-2024-22026
2024-05-15 11:20:45
cvelist
cvelist
CVE-2024-22026
2024-05-22 22:55:11
nvd
nvd
CVE-2024-22026
2024-05-22 23:15:08
thn
thn
CISA Warns of Actively Exploited D-Link Router Vulnerabilities - Patch Now
2024-05-17 06:43:00
CVSS3
6.7
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
AI Score
7
Confidence
High
EPSS
0
Percentile
9.0%
Related for CVE-2024-22026