VDB

CNVD-2024-38821

CNVD-2024-38821 PUBLISHED CVSS 10 CRITICAL

Ivanti Endpoint Manager(EPM)是美国Ivanti公司的一套端点安全管理器。 Ivanti Endpoint Manager 2024版本和2022 SU5及之前版本存在代码问题漏洞,该漏洞源于不受信任数据的反序列化,允许远程未经身份验证的攻击者可利用该漏洞实现远程代码执行。

Risk Scores

CVSS 3.0
10
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Affected Products

VendorProductVersions
IvantiEPM2024 September Security Update, 2022 SU6
ivantiendpoint_manager0, 2024

Timeline

  • Sep 10, 2024 CVE Published
  • Sep 11, 2024 PoC Published
  • Sep 11, 2024 PoC Published
  • Sep 11, 2024 PoC Published
  • Sep 11, 2024 PoC Published
  • Sep 11, 2024 PoC Published
  • Sep 11, 2024 PoC Published
  • Sep 11, 2024 PoC Published
  • Sep 12, 2024 PoC Published
  • Sep 12, 2024 PoC Published
  • Sep 13, 2024 PoC Published
  • Sep 14, 2024 PoC Published
Open in Interactive Console →
$ Console Community · 100/wk Open console ›