CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-50323

SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a local unauthenticated attacker to achieve code execution. User interaction is required.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 47.7%

CVSS Severity

CVSS v3 Score 7.8

References

https://forums.ivanti.com/s/article/Security-Advisory-EPM-November-2024-for-EPM-2024-and-EPM-2022

Products affected by CVE-2024-50323

Ivanti » Endpoint Manager » Version: 2016.4

cpe:2.3:a:ivanti:endpoint_manager:2016.4
Ivanti » Endpoint Manager » Version: 2017.1

cpe:2.3:a:ivanti:endpoint_manager:2017.1
Ivanti » Endpoint Manager » Version: 2017.3

cpe:2.3:a:ivanti:endpoint_manager:2017.3
Ivanti » Endpoint Manager » Version: 2018.1

cpe:2.3:a:ivanti:endpoint_manager:2018.1
Ivanti » Endpoint Manager » Version: 2018.3

cpe:2.3:a:ivanti:endpoint_manager:2018.3
Ivanti » Endpoint Manager » Version: 2019.1

cpe:2.3:a:ivanti:endpoint_manager:2019.1
Ivanti » Endpoint Manager » Version: 2020.1

cpe:2.3:a:ivanti:endpoint_manager:2020.1
Ivanti » Endpoint Manager » Version: 2020.1.1

cpe:2.3:a:ivanti:endpoint_manager:2020.1.1
Ivanti » Endpoint Manager » Version: 2021.1

cpe:2.3:a:ivanti:endpoint_manager:2021.1
Ivanti » Endpoint Manager » Version: 2021.1.1

cpe:2.3:a:ivanti:endpoint_manager:2021.1.1
Ivanti » Endpoint Manager » Version: 2022

cpe:2.3:a:ivanti:endpoint_manager:2022
Ivanti » Endpoint Manager » Version: 2024

cpe:2.3:a:ivanti:endpoint_manager:2024
Ivanti » Endpoint Manager » Version: 7.9.1.285

cpe:2.3:a:ivanti:endpoint_manager:7.9.1.285

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-50323

Products

Pricing

Contact Us