Ivanti Endpoint Manager SQL Injection Flaw Let Attackers Execute Arbitrary Code
- С сайта: Vulnerability(cybersecuritynews.com)
- Вернуться к списку новостей
С сайта: Vulnerability(cybersecuritynews.com)
Multiple vulnerabilities involving SQL injection have been identified in Ivanti Endpoint Manager.
These vulnerabilities could potentially enable malicious actors to carry out various unauthorized actions, including initiating Denial of Service attacks and executing arbitrary code on affected systems.
One of the vulnerabilities found was a SQL injection vulnerability in Ivanti Neurons for ITSM, while the rest were discovered in the Ivanti Endpoint Manager (EPM).
The severity of these vulnerabilities ranges from 8.4 (High) to 9.6 (Critical).
Vulnerability Analysis – SQL Injections
According to the advisory, there were 11 SQL injection vulnerabilities identified, which were given the CVEs as
Among these SQL injection vulnerabilities, six had a 9.6 ( Critical ) severity.
These vulnerabilities were due to an unspecified SQL injection flaw in the Core server of Ivanti EPM 2022 SU5 and prior versions, which allows an unauthenticated attacker on the same network to execute arbitrary code on the vulnerable instances.
The other five vulnerabilities had an 8.4 (High) severity, which also existed due to a similar unspecified SQL injection flaw but require an authentication that could enable an authenticated attacker on the same network to execute arbitrary code on the vulnerable instance.
However, Users of Ivanti Endpoint Manager are recommended to upgrade to the latest versions to prevent threat actors from exploiting these SQL injection vulnerabilities.
#Cyber_Security #Endpoint_Security #Vulnerability #cyber_security #sql_injection #Vulnerability_Management
Оригинальная версия на сайте:
Ivanti Endpoint Manager SQL Injection Flaw Let Attackers Execute Arbitrary Code
Author: EswarMultiple vulnerabilities involving SQL injection have been identified in Ivanti Endpoint Manager.
These vulnerabilities could potentially enable malicious actors to carry out various unauthorized actions, including initiating Denial of Service attacks and executing arbitrary code on affected systems.
One of the vulnerabilities found was a SQL injection vulnerability in Ivanti Neurons for ITSM, while the rest were discovered in the Ivanti Endpoint Manager (EPM).
The severity of these vulnerabilities ranges from 8.4 (High) to 9.6 (Critical).
Vulnerability Analysis – SQL Injections
According to the advisory, there were 11 SQL injection vulnerabilities identified, which were given the CVEs as
- CVE-2024-22059 – 9.6 ( Critical )
- CVE-2024-29822 – 9.6 ( Critical )
- CVE-2024-29823 – 9.6 ( Critical )
- CVE-2024-29824 – 9.6 ( Critical )
- CVE-2024-29825 – 9.6 ( Critical )
- CVE-2024-29826 – 9.6 ( Critical )
- CVE-2024-29827 – 8.4 ( High )
- CVE-2024-29828 – 8.4 ( High )
- CVE-2024-29829 – 8.4 ( High )
- CVE-2024-29830 – 8.4 ( High ) and
- CVE-2024-29846 – 8.4 ( High )
Among these SQL injection vulnerabilities, six had a 9.6 ( Critical ) severity.
These vulnerabilities were due to an unspecified SQL injection flaw in the Core server of Ivanti EPM 2022 SU5 and prior versions, which allows an unauthenticated attacker on the same network to execute arbitrary code on the vulnerable instances.
The other five vulnerabilities had an 8.4 (High) severity, which also existed due to a similar unspecified SQL injection flaw but require an authentication that could enable an authenticated attacker on the same network to execute arbitrary code on the vulnerable instance.
However, Users of Ivanti Endpoint Manager are recommended to upgrade to the latest versions to prevent threat actors from exploiting these SQL injection vulnerabilities.
#Cyber_Security #Endpoint_Security #Vulnerability #cyber_security #sql_injection #Vulnerability_Management
Оригинальная версия на сайте:
