VDB
CNVD-2024-38821
CNVD-2024-38821
PUBLISHED
CVSS 10 CRITICAL
Ivanti Endpoint Manager(EPM)是美国Ivanti公司的一套端点安全管理器。 Ivanti Endpoint Manager 2024版本和2022 SU5及之前版本存在代码问题漏洞,该漏洞源于不受信任数据的反序列化,允许远程未经身份验证的攻击者可利用该漏洞实现远程代码执行。
Risk Scores
CVSS 3.0
10
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ivanti | EPM | 2024 September Security Update, 2022 SU6 |
| ivanti | endpoint_manager | 0, 2024 |
Exploit Intelligence
- https://forums.ivanti.com/s/article/Security-Advisory-EPM-September-2024-for-EPM-2024-and-EPM-2022 (circl)
- CIRCL published-proof-of-concept: CVE-2024-29847 (circl-sighting)
- CIRCL published-proof-of-concept: CVE-2024-29847 (circl-sighting)
- CIRCL published-proof-of-concept: CVE-2024-29847 (circl-sighting)
- CIRCL seen: CVE-2024-29847 (circl-sighting)
- CIRCL published-proof-of-concept: CVE-2024-29847 (circl-sighting)
- CIRCL published-proof-of-concept: CVE-2024-29847 (circl-sighting)
- CIRCL published-proof-of-concept: CVE-2024-29847 (circl-sighting)
- CIRCL published-proof-of-concept: CVE-2024-29847 (circl-sighting)
- CIRCL published-proof-of-concept: CVE-2024-29847 (circl-sighting)
…and 29 more exploits
Timeline
- Sep 10, 2024 CVE Published
- Sep 11, 2024 PoC Published
- Sep 11, 2024 PoC Published
- Sep 11, 2024 PoC Published
- Sep 11, 2024 PoC Published
- Sep 11, 2024 PoC Published
- Sep 11, 2024 PoC Published
- Sep 11, 2024 PoC Published
- Sep 12, 2024 PoC Published
- Sep 12, 2024 PoC Published
- Sep 13, 2024 PoC Published
- Sep 14, 2024 PoC Published