Ivanti

Endpoint Manager Cloud Services Appliance

5 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.2

CVE-2024-9381

  • EPSS 9.79%
  • Published 08.10.2024 17:15:57
  • Last modified 16.10.2024 13:30:34

Path traversal in Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to bypass restrictions.

7.2

CVE-2024-9379

Warning
  • EPSS 82.72%
  • Published 08.10.2024 17:15:56
  • Last modified 10.10.2024 15:53:20

SQL injection in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to run arbitrary SQL statements.

7.2

CVE-2024-9380

Warning
  • EPSS 84.24%
  • Published 08.10.2024 17:15:56
  • Last modified 10.10.2024 15:50:03

An OS command injection vulnerability in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to obtain remote code execution.

9.1

CVE-2024-8963

Warning
  • EPSS 94.37%
  • Published 19.09.2024 18:15:10
  • Last modified 20.09.2024 16:32:02

Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to access restricted functionality.

9.8

CVE-2021-44529

Warning Exploit
  • EPSS 94.46%
  • Published 08.12.2021 22:15:10
  • Last modified 13.03.2025 19:55:19

A code injection vulnerability in the Ivanti EPM Cloud Services Appliance (CSA) allows an unauthenticated user to execute arbitrary code with limited permissions (nobody).