Unrated severityNVD Advisory· Published Nov 16, 2020· Updated Aug 4, 2024
CVE-2020-13772
CVE-2020-13772
Description
In /ldclient/ldprov.cgi in Ivanti Endpoint Manager through 2020.1.1, an attacker is able to disclose information about the server operating system, local pathnames, and environment variables with no authentication required.
Affected products
2- Ivanti/Endpoint Managerdescription
- Range: <=2020.1.1
Patches
Vulnerability mechanics
References
2- forums.ivanti.com/s/mitrex_refsource_MISC
- labs.jumpsec.com/cve-2020-13772-ivanti-uem-system-information-disclosure/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.