Filtered by vendor Ivanti
Subscriptions
Filtered by product Endpoint Manager Cloud Services Appliance
Subscriptions
Total
5 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-9381 | 1 Ivanti | 1 Endpoint Manager Cloud Services Appliance | 2024-10-16 | 7.2 High |
Path traversal in Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to bypass restrictions. | ||||
CVE-2024-9379 | 1 Ivanti | 1 Endpoint Manager Cloud Services Appliance | 2024-10-10 | 6.5 Medium |
SQL injection in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to run arbitrary SQL statements. | ||||
CVE-2024-9380 | 1 Ivanti | 1 Endpoint Manager Cloud Services Appliance | 2024-10-10 | 7.2 High |
An OS command injection vulnerability in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to obtain remote code execution. | ||||
CVE-2024-8963 | 1 Ivanti | 1 Endpoint Manager Cloud Services Appliance | 2024-09-21 | 9.4 Critical |
Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to access restricted functionality. | ||||
CVE-2021-44529 | 1 Ivanti | 1 Endpoint Manager Cloud Services Appliance | 2024-08-14 | 9.8 Critical |
A code injection vulnerability in the Ivanti EPM Cloud Services Appliance (CSA) allows an unauthenticated user to execute arbitrary code with limited permissions (nobody). |
Page 1 of 1.