5 matches found
Information disclosure
Allows an authenticated attacker with network access to read arbitrary files on Endpoint Manager recently discovered on 2022 SU3 and all previous versions potentially leading to the leakage of sensitive information...
Ivanti Endpoint Manager Security Vulnerability
Ivanti Endpoint Manager EPM is a suite of endpoint security managers from Ivanti USA. A security vulnerability exists in Ivanti Endpoint Manager 2022 SU3 and prior versions, which originated from a vulnerability that allows an attacker to read arbitrary files and cause information disclosure...
PT-2023-25135 · Ivanti · Ivanti Endpoint Manager
Name of the Vulnerable Software and Affected Versions: Ivanti Endpoint Manager versions prior to 2022 su3 Description: The issue is related to unsafe deserialization of user input, which could lead to the execution of unauthorized operations. This could allow an attacker to execute commands...
Deserialization of untrusted data
A deserialization of untrusted data exists in EPM 2022 Su3 and all prior versions that allows an unauthenticated user to elevate rights. This exploit could potentially be used in conjunction with other OS Operating System vulnerabilities to escalate privileges on the machine or be used as a...
CVE-2023-28323
A deserialization of untrusted data exists in EPM 2022 Su3 and all prior versions that allows an unauthenticated user to elevate rights. This exploit could potentially be used in conjunction with other OS Operating System vulnerabilities to escalate privileges on the machine or be used as a...