CVE-2025-11623 - Vulnerability Details - OpenCVE

SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary data from the database.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00054.

Exploitation none

Automatable no

Technical Impact partial

No data.

No data.

No data.

No data.

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-EPM-October-2025

History

Mon, 13 Oct 2025 23:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Mon, 13 Oct 2025 21:30:00 +0000

Type	Values Removed	Values Added
Description		SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary data from the database.
Weaknesses		CWE-89
References		https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-EPM-October-2025
Metrics		cvssV3_1 `{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N'}`

MITRE

Status: PUBLISHED

Assigner: ivanti

Published: 2025-10-13T21:09:07.731Z

Updated: 2025-10-13T23:09:19.977Z

Reserved: 2025-10-10T20:11:46.791Z

Link: CVE-2025-11623

Vulnrichment

Updated: 2025-10-13T23:09:17.358Z

NVD

Status : Received

Published: 2025-10-13T22:15:32.193

Modified: 2025-10-13T22:15:32.193

Link: CVE-2025-11623

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-11623", "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "state": "PUBLISHED", "assignerShortName": "ivanti", "dateReserved": "2025-10-10T20:11:46.791Z", "datePublished": "2025-10-13T21:09:07.731Z", "dateUpdated": "2025-10-13T23:09:19.977Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "affected", "product": "Endpoint Manager", "vendor": "Ivanti", "versions": [{"status": "affected", "version": "2024 SU3 SR1", "versionType": "custom"}, {"status": "affected", "version": "2022 SU8 SR2", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">SQL injection in Ivanti Endpoint Manager allows a </span><span style=\"background-color: rgb(255, 255, 255);\">remote</span> <span style=\"background-color: rgb(255, 255, 255);\">authenticated</span><span style=\"background-color: rgb(255, 255, 255);\"> attacker</span> <span style=\"background-color: rgb(255, 255, 255);\">to </span><span style=\"background-color: rgb(255, 255, 255);\">read arbitrary data from the database</span><span style=\"background-color: rgb(255, 255, 255);\">.</span>"}], "value": "SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary data from the database."}], "impacts": [{"capecId": "CAPEC-66", "descriptions": [{"lang": "en", "value": "CAPEC-66 SQL Injection"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-89", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "shortName": "ivanti", "dateUpdated": "2025-10-13T21:09:07.731Z"}, "references": [{"url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-EPM-October-2025"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-10-13T23:09:12.558820Z", "id": "CVE-2025-11623", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-13T23:09:19.977Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-11623", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-10-13T23:09:12.558820Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-13T23:09:17.358Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "impacts": [{"capecId": "CAPEC-66", "descriptions": [{"lang": "en", "value": "CAPEC-66 SQL Injection"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Ivanti", "product": "Endpoint Manager", "versions": [{"status": "affected", "version": "2024 SU3 SR1", "versionType": "custom"}, {"status": "affected", "version": "2022 SU8 SR2", "versionType": "custom"}], "defaultStatus": "affected"}], "references": [{"url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-EPM-October-2025"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary data from the database.", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">SQL injection in Ivanti Endpoint Manager allows a </span><span style=\"background-color: rgb(255, 255, 255);\">remote</span> <span style=\"background-color: rgb(255, 255, 255);\">authenticated</span><span style=\"background-color: rgb(255, 255, 255);\"> attacker</span> <span style=\"background-color: rgb(255, 255, 255);\">to </span><span style=\"background-color: rgb(255, 255, 255);\">read arbitrary data from the database</span><span style=\"background-color: rgb(255, 255, 255);\">.</span>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-89", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"}]}], "providerMetadata": {"orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "shortName": "ivanti", "dateUpdated": "2025-10-13T21:09:07.731Z"}}}, "cveMetadata": {"cveId": "CVE-2025-11623", "state": "PUBLISHED", "dateUpdated": "2025-10-13T23:09:19.977Z", "dateReserved": "2025-10-10T20:11:46.791Z", "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "datePublished": "2025-10-13T21:09:07.731Z", "assignerShortName": "ivanti"}, "dataVersion": "5.1"}