Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up
ivanti Endpoint Manager

Version 2022 SU6

OTHER 5 CVEs

Known Vulnerabilities

CVE-2024-8441

An uncontrolled search path in the agent of Ivanti EPM before 2022 SU6, or the 2024 September update allows a local authenticated attacker with admin privileges to escalate their privileges to SYSTEM.

MEDIUM CVSS 6.7 Published Sep 10, 2024

CVE-2024-8322

Weak authentication in Patch Management of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker to access restricted functionality.

MEDIUM CVSS 4.3 Published Sep 10, 2024

CVE-2024-8321

Missing authentication in Network Isolation of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to isolate managed devices from the network.

MEDIUM CVSS 5.8 Published Sep 10, 2024

CVE-2024-8320

Missing authentication in Network Isolation of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to spoof Network Isolation status of managed devices.

MEDIUM CVSS 5.3 Published Sep 10, 2024

CVE-2024-8191

SQL injection in the management console of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to achieve remote code execution.

HIGH CVSS 7.8 Published Sep 10, 2024