VYPR
Unrated severityCISA KEVNVD Advisory· Published May 31, 2024· Updated Oct 21, 2025

CVE-2024-29824

CVE-2024-29824

Description

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code.

Affected products

2
  • Ivanti/EPMllm-fuzzy2 versions
    <=2022 SU5+ 1 more
    • (no CPE)range: <=2022 SU5
    • (no CPE)range: 2022 SU5

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.