A code injection vulnerability in the Ivanti EPM Cloud Services Appliance (CSA) allows an unauthenticated user to execute arbitrary code with limited permissions (nobody).
Metrics
Affected Vendors & Products
Advisories
No advisories yet.
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Wed, 22 Oct 2025 00:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Tue, 21 Oct 2025 20:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Tue, 21 Oct 2025 19:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Wed, 30 Jul 2025 02:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:a:ivanti:endpoint_manager_cloud_services_appliance:4.6:patch_512:*:*:*:*:*:* | |
Metrics |
ssvc
|

Status: PUBLISHED
Assigner: hackerone
Published:
Updated: 2025-10-21T23:25:23.846Z
Reserved: 2021-12-02T00:00:00.000Z
Link: CVE-2021-44529

Updated: 2024-08-04T04:25:16.804Z

Status : Modified
Published: 2021-12-08T22:15:10.163
Modified: 2025-10-22T00:17:49.817
Link: CVE-2021-44529

No data.

No data.