Action not permitted
Modal body text goes here.
Modal Title
Modal Body
wid-sec-w-2025-0072
Vulnerability from csaf_certbund
Published
2025-01-14 23:00
Modified
2025-03-10 23:00
Summary
Ivanti Endpoint Manager: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Ivanti Endpoint Manager ist eine Endpoint Management Software zur zentralen Verwaltung von Benutzerprofilen und -Geräten.
Angriff
Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Ivanti Endpoint Manager ausnutzen, um seine Privilegien zu erweitern, Code auszuführen, einen Denial-of-Service-Zustand zu erzeugen und Informationen offenzulegen.
Betroffene Betriebssysteme
- Sonstiges
- Windows
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Ivanti Endpoint Manager ist eine Endpoint Management Software zur zentralen Verwaltung von Benutzerprofilen und -Ger\u00e4ten.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Ivanti Endpoint Manager ausnutzen, um seine Privilegien zu erweitern, Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu erzeugen und Informationen offenzulegen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0072 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0072.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0072 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0072"
},
{
"category": "external",
"summary": "Ivanti Security Advisory vom 2025-01-14",
"url": "https://forums.ivanti.com/s/article/Security-Advisory-EPM-January-2025-for-EPM-2024-and-EPM-2022-SU6?language=en_US"
}
],
"source_lang": "en-US",
"title": "Ivanti Endpoint Manager: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-03-10T23:00:00.000+00:00",
"generator": {
"date": "2025-03-11T09:05:19.870+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2025-0072",
"initial_release_date": "2025-01-14T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-01-14T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-02-20T23:00:00.000+00:00",
"number": "2",
"summary": "PoC aufgenommen"
},
{
"date": "2025-03-10T23:00:00.000+00:00",
"number": "3",
"summary": "Aktive Ausnutzung gemeldet"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "2024 \u003cJanuary-2025 Security Update",
"product": {
"name": "Ivanti Endpoint Manager 2024 \u003cJanuary-2025 Security Update",
"product_id": "T040269"
}
},
{
"category": "product_version",
"name": "2024 January-2025 Security Update",
"product": {
"name": "Ivanti Endpoint Manager 2024 January-2025 Security Update",
"product_id": "T040269-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ivanti:endpoint_manager:2024:january-2025_security_update"
}
}
},
{
"category": "product_version_range",
"name": "2022 SU6 \u003cJanuary-2025 Security Update",
"product": {
"name": "Ivanti Endpoint Manager 2022 SU6 \u003cJanuary-2025 Security Update",
"product_id": "T040270"
}
},
{
"category": "product_version",
"name": "2022 SU6 January-2025 Security Update",
"product": {
"name": "Ivanti Endpoint Manager 2022 SU6 January-2025 Security Update",
"product_id": "T040270-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ivanti:endpoint_manager:2022_su6:january-2025_security_update"
}
}
}
],
"category": "product_name",
"name": "Endpoint Manager"
}
],
"category": "vendor",
"name": "Ivanti"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-10811",
"product_status": {
"known_affected": [
"T040270",
"T040269"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2024-10811"
},
{
"cve": "CVE-2024-13158",
"product_status": {
"known_affected": [
"T040270",
"T040269"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2024-13158"
},
{
"cve": "CVE-2024-13159",
"product_status": {
"known_affected": [
"T040270",
"T040269"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2024-13159"
},
{
"cve": "CVE-2024-13160",
"product_status": {
"known_affected": [
"T040270",
"T040269"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2024-13160"
},
{
"cve": "CVE-2024-13161",
"product_status": {
"known_affected": [
"T040270",
"T040269"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2024-13161"
},
{
"cve": "CVE-2024-13162",
"product_status": {
"known_affected": [
"T040270",
"T040269"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2024-13162"
},
{
"cve": "CVE-2024-13163",
"product_status": {
"known_affected": [
"T040270",
"T040269"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2024-13163"
},
{
"cve": "CVE-2024-13164",
"product_status": {
"known_affected": [
"T040270",
"T040269"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2024-13164"
},
{
"cve": "CVE-2024-13165",
"product_status": {
"known_affected": [
"T040270",
"T040269"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2024-13165"
},
{
"cve": "CVE-2024-13166",
"product_status": {
"known_affected": [
"T040270",
"T040269"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2024-13166"
},
{
"cve": "CVE-2024-13167",
"product_status": {
"known_affected": [
"T040270",
"T040269"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2024-13167"
},
{
"cve": "CVE-2024-13168",
"product_status": {
"known_affected": [
"T040270",
"T040269"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2024-13168"
},
{
"cve": "CVE-2024-13169",
"product_status": {
"known_affected": [
"T040270",
"T040269"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2024-13169"
},
{
"cve": "CVE-2024-13170",
"product_status": {
"known_affected": [
"T040270",
"T040269"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2024-13170"
},
{
"cve": "CVE-2024-13171",
"product_status": {
"known_affected": [
"T040270",
"T040269"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2024-13171"
},
{
"cve": "CVE-2024-13172",
"product_status": {
"known_affected": [
"T040270",
"T040269"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2024-13172"
},
{
"cve": "CVE-2024-32848",
"product_status": {
"known_affected": [
"T040270",
"T040269"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2024-32848"
}
]
}
CVE-2024-10811 (GCVE-0-2024-10811)
Vulnerability from cvelistv5
Published
2025-01-14 16:59
Modified
2025-03-08 04:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-36 - Absolute Path Traversal
Summary
Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ivanti | Endpoint Manager |
Patch: 2024 January-2025 Security Update Patch: 2022 SU6 January-2025 Security Update |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-10811",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-23T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-08T04:55:14.273Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://www.horizon3.ai/attack-research/attack-blogs/ivanti-endpoint-manager-multiple-credential-coercion-vulnerabilities/"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Endpoint Manager",
"vendor": "Ivanti",
"versions": [
{
"status": "unaffected",
"version": "2024 January-2025 Security Update",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "2022 SU6 January-2025 Security Update",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAbsolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e"
}
],
"value": "Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information."
}
],
"impacts": [
{
"capecId": "CAPEC-597",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-597 Absolute Path Traversal"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-36",
"description": "CWE-36 Absolute Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T16:59:32.982Z",
"orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"shortName": "ivanti"
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-EPM-January-2025-for-EPM-2024-and-EPM-2022-SU6"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"assignerShortName": "ivanti",
"cveId": "CVE-2024-10811",
"datePublished": "2025-01-14T16:59:32.982Z",
"dateReserved": "2024-11-04T18:01:19.410Z",
"dateUpdated": "2025-03-08T04:55:14.273Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-13161 (GCVE-0-2024-13161)
Vulnerability from cvelistv5
Published
2025-01-14 17:11
Modified
2025-07-30 01:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-36 - Absolute Path Traversal
Summary
Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ivanti | Endpoint Manager |
Patch: 2024 January-2025 Security Update Patch: 2022 SU6 January-2025 Security Update |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13161",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-10T17:12:06.481687Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2025-03-10",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-13161"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T01:36:22.275Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://www.horizon3.ai/attack-research/attack-blogs/ivanti-endpoint-manager-multiple-credential-coercion-vulnerabilities/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-03-10T00:00:00+00:00",
"value": "CVE-2024-13161 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Endpoint Manager",
"vendor": "Ivanti",
"versions": [
{
"status": "unaffected",
"version": "2024 January-2025 Security Update",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "2022 SU6 January-2025 Security Update",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAbsolute path traversal \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ein Ivanti EPM before \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ethe 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e allows a remote unauthenticated attacker to leak sensitive information.\u003c/span\u003e"
}
],
"value": "Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information."
}
],
"impacts": [
{
"capecId": "CAPEC-597",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-597 Absolute Path Traversal"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-36",
"description": "CWE-36 Absolute Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T17:11:32.061Z",
"orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"shortName": "ivanti"
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-EPM-January-2025-for-EPM-2024-and-EPM-2022-SU6"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"assignerShortName": "ivanti",
"cveId": "CVE-2024-13161",
"datePublished": "2025-01-14T17:11:32.061Z",
"dateReserved": "2025-01-07T02:28:30.244Z",
"dateUpdated": "2025-07-30T01:36:22.275Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-13172 (GCVE-0-2024-13172)
Vulnerability from cvelistv5
Published
2025-01-14 17:16
Modified
2025-01-24 04:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-347 - Improper Verification of Cryptographic Signature
Summary
Improper signature verification in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to achieve remote code execution. Local user interaction is required.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ivanti | Endpoint Manager |
Patch: 2024 January-2025 Security Update Patch: 2022 SU6 January-2025 Security Update |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13172",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-23T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-24T04:55:51.479Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Endpoint Manager",
"vendor": "Ivanti",
"versions": [
{
"status": "unaffected",
"version": "2024 January-2025 Security Update",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "2022 SU6 January-2025 Security Update",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eImproper signature verification\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e in \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIvanti EPM\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e before\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e allows a \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eremote\u003c/span\u003e \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eunauthenticated\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e attacker to \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eachieve remote code execution. Local user interaction is \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003erequired\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e.\u003c/span\u003e"
}
],
"value": "Improper signature verification in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to achieve remote code execution. Local user interaction is required."
}
],
"impacts": [
{
"capecId": "CAPEC-558",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-558 Replace Trusted Executable"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347 Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T17:16:17.218Z",
"orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"shortName": "ivanti"
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-EPM-January-2025-for-EPM-2024-and-EPM-2022-SU6"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"assignerShortName": "ivanti",
"cveId": "CVE-2024-13172",
"datePublished": "2025-01-14T17:16:17.218Z",
"dateReserved": "2025-01-07T02:28:59.790Z",
"dateUpdated": "2025-01-24T04:55:51.479Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-13159 (GCVE-0-2024-13159)
Vulnerability from cvelistv5
Published
2025-01-14 17:12
Modified
2025-07-30 01:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-36 - Absolute Path Traversal
Summary
Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ivanti | Endpoint Manager |
Patch: 2024 January-2025 Security Update Patch: 2022 SU6 January-2025 Security Update |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13159",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-10T17:12:15.647745Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2025-03-10",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-13159"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T01:36:22.002Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://www.horizon3.ai/attack-research/attack-blogs/ivanti-endpoint-manager-multiple-credential-coercion-vulnerabilities/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-03-10T00:00:00+00:00",
"value": "CVE-2024-13159 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Endpoint Manager",
"vendor": "Ivanti",
"versions": [
{
"status": "unaffected",
"version": "2024 January-2025 Security Update",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "2022 SU6 January-2025 Security Update",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAbsolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e"
}
],
"value": "Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information."
}
],
"impacts": [
{
"capecId": "CAPEC-597",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-597 Absolute Path Traversal"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-36",
"description": "CWE-36 Absolute Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T17:12:57.652Z",
"orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"shortName": "ivanti"
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-EPM-January-2025-for-EPM-2024-and-EPM-2022-SU6"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"assignerShortName": "ivanti",
"cveId": "CVE-2024-13159",
"datePublished": "2025-01-14T17:12:57.652Z",
"dateReserved": "2025-01-07T02:28:21.601Z",
"dateUpdated": "2025-07-30T01:36:22.002Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-13165 (GCVE-0-2024-13165)
Vulnerability from cvelistv5
Published
2025-01-14 17:22
Modified
2025-01-15 15:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
An out-of-bounds write in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to cause a denial of service.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ivanti | Endpoint Manager |
Patch: 2024 January-2025 Security Update Patch: 2022 SU6 January-2025 Security Update |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13165",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-15T15:01:57.234987Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-15T15:19:52.577Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Endpoint Manager",
"vendor": "Ivanti",
"versions": [
{
"status": "unaffected",
"version": "2024 January-2025 Security Update",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "2022 SU6 January-2025 Security Update",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn out-of-bounds write in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to cause a denial of service.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e"
}
],
"value": "An out-of-bounds write in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to cause a denial of service."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T17:22:15.933Z",
"orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"shortName": "ivanti"
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-EPM-January-2025-for-EPM-2024-and-EPM-2022-SU6"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"assignerShortName": "ivanti",
"cveId": "CVE-2024-13165",
"datePublished": "2025-01-14T17:22:15.933Z",
"dateReserved": "2025-01-07T02:28:52.501Z",
"dateUpdated": "2025-01-15T15:19:52.577Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-13169 (GCVE-0-2024-13169)
Vulnerability from cvelistv5
Published
2025-01-14 17:18
Modified
2025-01-24 04:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
An out-of-bounds read in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a local authenticated attacker to escalate their privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ivanti | Endpoint Manager |
Patch: 2024 January-2025 Security Update Patch: 2022 SU6 January-2025 Security Update |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13169",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-23T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-24T04:55:54.205Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Endpoint Manager",
"vendor": "Ivanti",
"versions": [
{
"status": "unaffected",
"version": "2024 January-2025 Security Update",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "2022 SU6 January-2025 Security Update",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn out-of-bounds read in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a local authenticated attacker to escalate their privileges.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e"
}
],
"value": "An out-of-bounds read in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a local authenticated attacker to escalate their privileges."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "CWE-843 Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T17:18:28.069Z",
"orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"shortName": "ivanti"
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-EPM-January-2025-for-EPM-2024-and-EPM-2022-SU6"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"assignerShortName": "ivanti",
"cveId": "CVE-2024-13169",
"datePublished": "2025-01-14T17:18:28.069Z",
"dateReserved": "2025-01-07T02:28:56.274Z",
"dateUpdated": "2025-01-24T04:55:54.205Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-13158 (GCVE-0-2024-13158)
Vulnerability from cvelistv5
Published
2025-01-14 17:13
Modified
2025-01-24 04:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
An unbounded resource search path in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ivanti | Endpoint Manager |
Patch: 2024 January-2025 Security Update Patch: 2022 SU6 January-2025 Security Update |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13158",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-23T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-24T04:55:50.063Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Endpoint Manager",
"vendor": "Ivanti",
"versions": [
{
"status": "unaffected",
"version": "2024 January-2025 Security Update",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "2022 SU6 January-2025 Security Update",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn unbounded resource search path in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e"
}
],
"value": "An unbounded resource search path in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution."
}
],
"impacts": [
{
"capecId": "CAPEC-471",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-471 Search Order Hijacking"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-426",
"description": "CWE-426 Untrusted Search Path",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T17:13:29.275Z",
"orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"shortName": "ivanti"
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-EPM-January-2025-for-EPM-2024-and-EPM-2022-SU6"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"assignerShortName": "ivanti",
"cveId": "CVE-2024-13158",
"datePublished": "2025-01-14T17:13:29.275Z",
"dateReserved": "2025-01-07T02:27:40.544Z",
"dateUpdated": "2025-01-24T04:55:50.063Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-13171 (GCVE-0-2024-13171)
Vulnerability from cvelistv5
Published
2025-01-14 17:16
Modified
2025-01-24 04:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Summary
Insufficient filename validation in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to achieve remote code execution. Local user interaction is required.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ivanti | Endpoint Manager |
Patch: 2024 January-2025 Security Update Patch: 2022 SU6 January-2025 Security Update |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13171",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-23T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-24T04:55:52.846Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Endpoint Manager",
"vendor": "Ivanti",
"versions": [
{
"status": "unaffected",
"version": "2024 January-2025 Security Update",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "2022 SU6 January-2025 Security Update",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eInsufficient \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003efilename \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003evalidation\u003c/span\u003e \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ein Ivanti EPM\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e before \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ethe 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e allows a \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eremote\u003c/span\u003e \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eunauthenticated\u003c/span\u003e \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ea\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ettacker to \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eachieve remote code execution. Local user interaction is \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003erequired\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e.\u003c/span\u003e"
}
],
"value": "Insufficient filename validation in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to achieve remote code execution. Local user interaction is required."
}
],
"impacts": [
{
"capecId": "CAPEC-650",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-650 Upload a Web Shell to a Web Server"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T17:16:48.419Z",
"orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"shortName": "ivanti"
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-EPM-January-2025-for-EPM-2024-and-EPM-2022-SU6"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"assignerShortName": "ivanti",
"cveId": "CVE-2024-13171",
"datePublished": "2025-01-14T17:16:48.419Z",
"dateReserved": "2025-01-07T02:28:59.030Z",
"dateUpdated": "2025-01-24T04:55:52.846Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-13164 (GCVE-0-2024-13164)
Vulnerability from cvelistv5
Published
2025-01-14 17:22
Modified
2025-01-24 04:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-908 - Use of Uninitialized Resource
Summary
An uninitialized resource in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a local authenticated attacker to escalate their privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ivanti | Endpoint Manager |
Patch: 2024 January-2025 Security Update Patch: 2022 SU6 January-2025 Security Update |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13164",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-23T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-24T04:55:55.615Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Endpoint Manager",
"vendor": "Ivanti",
"versions": [
{
"status": "unaffected",
"version": "2024 January-2025 Security Update",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "2022 SU6 January-2025 Security Update",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003en uninitialized resource\u003c/span\u003e \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ein Ivanti EPM\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e before \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ethe 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e allows a \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003elocal\u003c/span\u003e \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eauthenticated\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e attacker to \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eescalate their privileges.\u003c/span\u003e"
}
],
"value": "An uninitialized resource in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a local authenticated attacker to escalate their privileges."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-908",
"description": "CWE-908 Use of Uninitialized Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T17:22:49.382Z",
"orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"shortName": "ivanti"
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-EPM-January-2025-for-EPM-2024-and-EPM-2022-SU6"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"assignerShortName": "ivanti",
"cveId": "CVE-2024-13164",
"datePublished": "2025-01-14T17:22:49.382Z",
"dateReserved": "2025-01-07T02:28:51.714Z",
"dateUpdated": "2025-01-24T04:55:55.615Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-13168 (GCVE-0-2024-13168)
Vulnerability from cvelistv5
Published
2025-01-14 17:19
Modified
2025-01-16 21:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
An out-of-bounds write in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to cause a denial of service.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ivanti | Endpoint Manager |
Patch: 2024 January-2025 Security Update Patch: 2022 SU6 January-2025 Security Update |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13168",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-16T21:18:44.224027Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-16T21:18:56.082Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Endpoint Manager",
"vendor": "Ivanti",
"versions": [
{
"status": "unaffected",
"version": "2024 January-2025 Security Update",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "2022 SU6 January-2025 Security Update",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn out-of-bounds write in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to cause a denial of service.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e"
}
],
"value": "An out-of-bounds write in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to cause a denial of service."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T17:19:00.787Z",
"orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"shortName": "ivanti"
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-EPM-January-2025-for-EPM-2024-and-EPM-2022-SU6"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"assignerShortName": "ivanti",
"cveId": "CVE-2024-13168",
"datePublished": "2025-01-14T17:19:00.787Z",
"dateReserved": "2025-01-07T02:28:55.456Z",
"dateUpdated": "2025-01-16T21:18:56.082Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-32848 (GCVE-0-2024-32848)
Vulnerability from cvelistv5
Published
2024-09-12 01:09
Modified
2024-09-12 21:18
Severity ?
VLAI Severity ?
EPSS score ?
Summary
An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution.
References
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:ivanti:endpoint_manager:*:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "endpoint_manager",
"vendor": "ivanti",
"versions": [
{
"lessThan": "2022_su6",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2024_september_security_update",
"status": "unaffected",
"version": "2024",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32848",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-12T03:55:18.367651Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-12T21:18:06.645Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "EPM",
"vendor": "Ivanti",
"versions": [
{
"lessThan": "2024 September Security Update",
"status": "affected",
"version": "2024 September Security Update",
"versionType": "custom"
},
{
"lessThan": "2022 SU6",
"status": "affected",
"version": "2022 SU6",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-12T01:09:56.249Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-EPM-September-2024-for-EPM-2024-and-EPM-2022"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2024-32848",
"datePublished": "2024-09-12T01:09:56.249Z",
"dateReserved": "2024-04-19T01:04:06.774Z",
"dateUpdated": "2024-09-12T21:18:06.645Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-13162 (GCVE-0-2024-13162)
Vulnerability from cvelistv5
Published
2025-01-14 17:23
Modified
2025-01-24 04:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Summary
SQL injection in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution. This CVE addresses incomplete fixes from CVE-2024-32848.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ivanti | Endpoint Manager |
Patch: 2024 January-2025 Security Update Patch: 2022 SU6 January-2025 Security Update |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13162",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-23T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-24T04:55:58.303Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Endpoint Manager",
"vendor": "Ivanti",
"versions": [
{
"status": "unaffected",
"version": "2024 January-2025 Security Update",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "2022 SU6 January-2025 Security Update",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSQL injection in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution. \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThis CVE addresses incomplete fixes from CVE-2024-32848.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e"
}
],
"value": "SQL injection in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution. This CVE addresses incomplete fixes from CVE-2024-32848."
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-66 SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T17:23:48.256Z",
"orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"shortName": "ivanti"
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-EPM-January-2025-for-EPM-2024-and-EPM-2022-SU6"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"assignerShortName": "ivanti",
"cveId": "CVE-2024-13162",
"datePublished": "2025-01-14T17:23:48.256Z",
"dateReserved": "2025-01-07T02:28:48.487Z",
"dateUpdated": "2025-01-24T04:55:58.303Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-13166 (GCVE-0-2024-13166)
Vulnerability from cvelistv5
Published
2025-01-14 17:20
Modified
2025-01-15 15:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
An out-of-bounds write in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to cause a denial of service.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ivanti | Endpoint Manager |
Patch: 2024 January-2025 Security Update Patch: 2022 SU6 January-2025 Security Update |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13166",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-15T15:02:00.018610Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-15T15:20:00.615Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Endpoint Manager",
"vendor": "Ivanti",
"versions": [
{
"status": "unaffected",
"version": "2024 January-2025 Security Update",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "2022 SU6 January-2025 Security Update",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn out-of-bounds write in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to cause a denial of service.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e"
}
],
"value": "An out-of-bounds write in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to cause a denial of service."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T17:20:19.876Z",
"orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"shortName": "ivanti"
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-EPM-January-2025-for-EPM-2024-and-EPM-2022-SU6"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"assignerShortName": "ivanti",
"cveId": "CVE-2024-13166",
"datePublished": "2025-01-14T17:20:19.876Z",
"dateReserved": "2025-01-07T02:28:53.351Z",
"dateUpdated": "2025-01-15T15:20:00.615Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-13167 (GCVE-0-2024-13167)
Vulnerability from cvelistv5
Published
2025-01-14 17:19
Modified
2025-01-16 21:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
An out-of-bounds write in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to cause a denial of service.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ivanti | Endpoint Manager |
Patch: 2024 January-2025 Security Update Patch: 2022 SU6 January-2025 Security Update |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13167",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-16T21:19:11.304765Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-16T21:19:20.404Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Endpoint Manager",
"vendor": "Ivanti",
"versions": [
{
"status": "unaffected",
"version": "2024 January-2025 Security Update",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "2022 SU6 January-2025 Security Update",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn out-of-bounds write in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to cause a denial of service.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e"
}
],
"value": "An out-of-bounds write in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to cause a denial of service."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T17:19:43.062Z",
"orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"shortName": "ivanti"
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-EPM-January-2025-for-EPM-2024-and-EPM-2022-SU6"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"assignerShortName": "ivanti",
"cveId": "CVE-2024-13167",
"datePublished": "2025-01-14T17:19:43.062Z",
"dateReserved": "2025-01-07T02:28:54.294Z",
"dateUpdated": "2025-01-16T21:19:20.404Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-13170 (GCVE-0-2024-13170)
Vulnerability from cvelistv5
Published
2025-01-14 17:17
Modified
2025-01-16 21:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
An out-of-bounds write in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to cause a denial of service.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ivanti | Endpoint Manager |
Patch: 2024 January-2025 Security Update Patch: 2022 SU6 January-2025 Security Update |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13170",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-16T21:17:02.355672Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-16T21:17:15.067Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Endpoint Manager",
"vendor": "Ivanti",
"versions": [
{
"status": "unaffected",
"version": "2024 January-2025 Security Update",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "2022 SU6 January-2025 Security Update",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn out-of-bounds write in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to cause a denial of service.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "An out-of-bounds write in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to cause a denial of service."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T17:17:50.470Z",
"orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"shortName": "ivanti"
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-EPM-January-2025-for-EPM-2024-and-EPM-2022-SU6"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"assignerShortName": "ivanti",
"cveId": "CVE-2024-13170",
"datePublished": "2025-01-14T17:17:50.470Z",
"dateReserved": "2025-01-07T02:28:58.230Z",
"dateUpdated": "2025-01-16T21:17:15.067Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-13160 (GCVE-0-2024-13160)
Vulnerability from cvelistv5
Published
2025-01-14 17:12
Modified
2025-07-30 01:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-36 - Absolute Path Traversal
Summary
Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ivanti | Endpoint Manager |
Patch: 2024 January-2025 Security Update Patch: 2022 SU6 January-2025 Security Update |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13160",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-10T17:12:11.208884Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2025-03-10",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-13160"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T01:36:22.139Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://www.horizon3.ai/attack-research/attack-blogs/ivanti-endpoint-manager-multiple-credential-coercion-vulnerabilities/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-03-10T00:00:00+00:00",
"value": "CVE-2024-13160 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Endpoint Manager",
"vendor": "Ivanti",
"versions": [
{
"status": "unaffected",
"version": "2024 January-2025 Security Update",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "2022 SU6 January-2025 Security Update",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAbsolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e"
}
],
"value": "Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information."
}
],
"impacts": [
{
"capecId": "CAPEC-597",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-597 Absolute Path Traversal"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-36",
"description": "CWE-36 Absolute Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T17:12:23.237Z",
"orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"shortName": "ivanti"
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-EPM-January-2025-for-EPM-2024-and-EPM-2022-SU6"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"assignerShortName": "ivanti",
"cveId": "CVE-2024-13160",
"datePublished": "2025-01-14T17:12:23.237Z",
"dateReserved": "2025-01-07T02:28:25.356Z",
"dateUpdated": "2025-07-30T01:36:22.139Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-13163 (GCVE-0-2024-13163)
Vulnerability from cvelistv5
Published
2025-01-14 17:23
Modified
2025-01-24 04:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-502 - Deserialization of Untrusted Data
Summary
Deserialization of untrusted data in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to achieve remote code execution. Local user interaction is required.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ivanti | Endpoint Manager |
Patch: 2024 January-2025 Security Update Patch: 2022 SU6 January-2025 Security Update |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13163",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-23T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-24T04:55:56.946Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Endpoint Manager",
"vendor": "Ivanti",
"versions": [
{
"status": "unaffected",
"version": "2024 January-2025 Security Update",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "2022 SU6 January-2025 Security Update",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDeserialization of untrusted data in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to achieve remote code execution. Local user interaction is required.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e"
}
],
"value": "Deserialization of untrusted data in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to achieve remote code execution. Local user interaction is required."
}
],
"impacts": [
{
"capecId": "CAPEC-586",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-586 Object Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T17:23:13.781Z",
"orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"shortName": "ivanti"
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-EPM-January-2025-for-EPM-2024-and-EPM-2022-SU6"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"assignerShortName": "ivanti",
"cveId": "CVE-2024-13163",
"datePublished": "2025-01-14T17:23:13.781Z",
"dateReserved": "2025-01-07T02:28:50.799Z",
"dateUpdated": "2025-01-24T04:55:56.946Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…