4 matches found
PT-2025-1126 · Ivanti · Ivanti Epm
Name of the Vulnerable Software and Affected Versions: Ivanti EPM versions prior to 2024 January-2025 Security Update Ivanti EPM versions prior to 2022 SU6 January-2025 Security Update Description: The issue is related to improper signature verification in Ivanti EPM, which can allow a remote...
CVE-2024-34779
An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution...
CVE-2024-8441
CVE-2024-8441 affects Ivanti Endpoint Manager (Ivanti EPM) agent. The issue is an uncontrolled search path that, on installations of Ivanti EPM before 2022 SU6 or the 2024 September update, can allow a local authenticated attacker with admin privileges to escalate to SYSTEM. Connected sources con...
PT-2024-6588 · Ivanti · Ivanti Epm
Name of the Vulnerable Software and Affected Versions: Ivanti EPM versions before 2022 SU6 Ivanti EPM versions before the 2024 September update Description: The issue is related to SQL injection in the management console of Ivanti EPM, allowing a remote unauthenticated attacker to achieve remote...