Endpoint Manager Security Vulnerabilities and Issues — Endpoint Manager CVE List

Lucene search

IvantiEndpoint Manager

3 matches found

CVE•added 2024/09/10 9:15 p.m.•45 views

CVE-2024-8320

Missing authentication in Network Isolation of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to spoof Network Isolation status of managed devices.

5.3CVSS7.3AI score0.00847EPSS

CVE•added 2020/11/16 4:15 p.m.•32 views

CVE-2020-13772

In /ldclient/ldprov.cgi in Ivanti Endpoint Manager through 2020.1.1, an attacker is able to disclose information about the server operating system, local pathnames, and environment variables with no authentication required.

5.3CVSS5.1AI score0.01978EPSS

CVE•added 2020/11/16 4:15 p.m.•26 views

CVE-2020-13773

Ivanti Endpoint Manager through 2020.1.1 allows XSS via /LDMS/frm_splitfrm.aspx, /LDMS/licensecheck.aspx, /LDMS/frm_splitcollapse.aspx, /LDMS/alert_log.aspx, /LDMS/ServerList.aspx, /LDMS/frm_coremainfrm.aspx, /LDMS/frm_findfrm.aspx, /LDMS/frm_taskfrm.aspx, and /LDMS/query_browsecomp.aspx.

5.4CVSS5.2AI score0.00136EPSS