THREATINT

We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Fathom (Privacy friendly web analytics)
Zendesk (Helpdesk and Chat)

Ok

Home | EN
Support
CVE
PUBLISHED

CVE-2024-29824

Assignerhackerone
Reserved2024-03-20
Published2024-05-31
Updated2024-07-09

Description

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code.



CRITICAL: 9.6CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Product status

Default status
unaffected

2022 SU5
affected

References

https://forums.ivanti.com/s/article/Security-Advisory-May-2024

cve.org CVE-2024-29824

nvd.nist.gov CVE-2024-29824

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-29824
© Copyright 2024 THREATINT. Made in Cyprus with +