EPM
by Ivanti
CVEs (48)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-29822 | 0.00 | — | 0.00 | May 31, 2024 | An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code. | |||
| CVE-2024-29826 | 0.00 | — | 0.02 | May 31, 2024 | An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code. | |||
| CVE-2024-29828 | 0.00 | — | 0.00 | May 31, 2024 | An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same network to execute arbitrary code. | |||
| CVE-2024-29829 | 0.00 | — | 0.00 | May 31, 2024 | An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same network to execute arbitrary code. | |||
| CVE-2024-29846 | 0.00 | — | 0.00 | May 31, 2024 | An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same network to execute arbitrary code. | |||
| CVE-2024-29830 | 0.00 | — | 0.00 | May 31, 2024 | An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same network to execute arbitrary code. | |||
| CVE-2024-22058 | 0.00 | — | 0.00 | May 31, 2024 | A buffer overflow allows a low privilege user on the local machine that has the EPM Agent installed to execute arbitrary code with elevated permissions in Ivanti EPM 2021.1 and older. | |||
| CVE-2024-29825 | 0.00 | — | 0.02 | May 31, 2024 | An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code. |
- CVE-2024-29822May 31, 2024risk 0.00cvss —epss 0.00
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code.
- CVE-2024-29826May 31, 2024risk 0.00cvss —epss 0.02
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code.
- CVE-2024-29828May 31, 2024risk 0.00cvss —epss 0.00
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same network to execute arbitrary code.
- CVE-2024-29829May 31, 2024risk 0.00cvss —epss 0.00
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same network to execute arbitrary code.
- CVE-2024-29846May 31, 2024risk 0.00cvss —epss 0.00
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same network to execute arbitrary code.
- CVE-2024-29830May 31, 2024risk 0.00cvss —epss 0.00
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same network to execute arbitrary code.
- CVE-2024-22058May 31, 2024risk 0.00cvss —epss 0.00
A buffer overflow allows a low privilege user on the local machine that has the EPM Agent installed to execute arbitrary code with elevated permissions in Ivanti EPM 2021.1 and older.
- CVE-2024-29825May 31, 2024risk 0.00cvss —epss 0.02
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code.
Page 3 of 3