Vulnerability Details CVE-2024-22060
An unrestricted file upload vulnerability in web component of Ivanti Neurons for ITSM allows a remote, authenticated, high privileged user to write arbitrary files into sensitive directories of ITSM server.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.047
EPSS Ranking 89.0%
CVSS Severity
CVSS v3 Score 8.7
References
Products affected by CVE-2024-22060
-
cpe:2.3:a:ivanti:neurons_for_itsm:-
-
cpe:2.3:a:ivanti:neurons_for_itsm:2022.1
-
cpe:2.3:a:ivanti:neurons_for_itsm:2022.2
-
cpe:2.3:a:ivanti:neurons_for_itsm:2022.3
-
cpe:2.3:a:ivanti:neurons_for_itsm:2022.4
-
cpe:2.3:a:ivanti:neurons_for_itsm:2023.1
-
cpe:2.3:a:ivanti:neurons_for_itsm:2023.2