VYPR
High severity7.2NVD Advisory· Published Sep 12, 2024· Updated Jun 17, 2026

CVE-2024-32846

CVE-2024-32846

Description

An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Affected products

2
  • Ivanti/EPMllm-fuzzy2 versions
    <2022 SU6, or 2024 September update+ 1 more
    • (no CPE)range: <2022 SU6, or 2024 September update
    • (no CPE)range: 2024 September Security Update

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.