Lucene search
+L

5 matches found

hivepro
hivepro
added 2024/01/09 10:10 a.m.36 views

Attacks, Vulnerabilities and Actors 1 January to 7 January 2024

For a detailed threat digest, download the pdf file here Summary HiveForce Labs has recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of twelve executed attacks, two instances of adversary activity, and three exploited...

5.8CVSS8AI score0.0997EPSS
Exploits0
CVE
CVE
added 2024/01/09 1:33 a.m.70 views

CVE-2023-39336

CVE-2023-39336 affects Ivanti Endpoint Manager versions prior to 2022 SU5. The vulnerability is described as an SQL injection in the product that can be exploited by an attacker with internal-network access to execute arbitrary SQL queries and retrieve output without authentication; under certain...

9.6CVSS9.7AI score0.0997EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/01/09 1:33 a.m.25 views

CVE-2023-39336

An unspecified SQL Injection vulnerability in Ivanti Endpoint Manager released prior to 2022 SU 5 allows an attacker with access to the internal network to execute arbitrary SQL queries and retrieve output without the need for authentication. Under specific circumstances, this may also lead to RC...

9.6CVSS9.4AI score0.0997EPSS
Exploits0References1
hivepro
hivepro
added 2024/01/08 9:7 a.m.51 views

Ivanti Addresses Critical Vulnerability in Endpoint Manager

Summary: Ivanti addressed a critical vulnerability CVE-2023-39336 in its Endpoint Management software, ensuring secure usage for its 40,000 worldwide customers. The flaw, resolved in version 2022 Service Update 5, posed a risk of pre-authenticated sql injection and possibly Remote Code Injection ...

5.8CVSS8.2AI score0.0997EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/01/05 7:42 a.m.95 views

Alert: Ivanti Releases Patch for Critical Vulnerability in Endpoint Manager Solution

Ivanti has released security updates to address a critical flaw impacting its Endpoint Manager EPM solution that, if successfully exploited, could result in remote code execution RCE on susceptible servers. Tracked as CVE-2023-39336, the vulnerability has been rated 9.6 out of 10 on the CVSS...

10CVSS9.2AI score0.99999EPSS
Exploits20
Rows per page
Query Builder