Unrated severityNVD Advisory· Published Apr 8, 2025· Updated Feb 26, 2026
CVE-2025-22461
CVE-2025-22461
Description
SQL injection in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows a remote authenticated attacker with admin privileges to achieve code execution.
Affected products
2<2024 SU1 or <2022 SU7+ 1 more
- (no CPE)range: <2024 SU1 or <2022 SU7
- (no CPE)range: 2024 SU1
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.