Unrated severityNVD Advisory· Published Jun 3, 2019· Updated Aug 4, 2024
CVE-2019-12374
CVE-2019-12374
Description
A SQL Injection vulnerability exists in Ivanti LANDESK Management Suite (LDMS, aka Endpoint Manager) 10.0.1.168 Service Update 5 due to improper username sanitization in the Basic Authentication implementation in core/provisioning.secure/ProvisioningSecure.asmx in Provisioning.Secure.dll.
Affected products
2- Ivanti/LANDESK Management Suitedescription
- Range: =10.0.1.168 Service Update 5
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- www.gnzlabs.io/gnzlabs-blog/landesk-management-server-multiple-vulnerabilities/mitrex_refsource_MISC
- www.gnzlabs.io/gnzlabs-blog/landesk-management-server-sql-injection/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.