4 matches found
VulnCheck KEV: CVE-2024-13161
Ivanti Endpoint Manager EPM contains an absolute path traversal vulnerability that allows a remote unauthenticated attacker to leak sensitive information...
CVE-2024-13161
creationtimestamp| type| source ---|---|--- 2025-01-14 17:21:39+00:00| seen| https://infosec.exchange/users/cve/statuses/113827859604397642 2025-01-14 18:16:06+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpuayh6su2r 2025-01-16 09:05:19+00:00| seen|...
CVE-2024-13161
CVE-2024-13161 concerns Ivanti Endpoint Manager (EPM) where an absolute path traversal/credential-coercion issue was reported in the GetHashForSingleFile endpoint. The NUCLEI template confirms unauthenticated access could coerce the EPM machine account credential by triggering NTLM authentication...
CVE-2024-13161
Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information...