Filtered by vendor Ivanti Subscriptions
Filtered by product Endpoint Manager Cloud Services Appliance Subscriptions
Total 5 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2021-44529 1 Ivanti 1 Endpoint Manager Cloud Services Appliance 2024-11-21 9.8 Critical
A code injection vulnerability in the Ivanti EPM Cloud Services Appliance (CSA) allows an unauthenticated user to execute arbitrary code with limited permissions (nobody).
CVE-2024-9381 1 Ivanti 1 Endpoint Manager Cloud Services Appliance 2024-10-16 7.2 High
Path traversal in Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to bypass restrictions.
CVE-2024-9379 1 Ivanti 1 Endpoint Manager Cloud Services Appliance 2024-10-10 6.5 Medium
SQL injection in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to run arbitrary SQL statements.
CVE-2024-9380 1 Ivanti 1 Endpoint Manager Cloud Services Appliance 2024-10-10 7.2 High
An OS command injection vulnerability in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to obtain remote code execution.
CVE-2024-8963 1 Ivanti 1 Endpoint Manager Cloud Services Appliance 2024-09-21 9.4 Critical
Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to access restricted functionality.