CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-4427

An authentication bypass in the API component of Ivanti Endpoint Manager Mobile 12.5.0.0 and prior allows attackers to access protected resources without proper credentials via the API.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.504

EPSS Ranking 97.7%

CVSS Severity

CVSS v3 Score 5.3

Proposed Action

Ivanti Endpoint Manager Mobile (EPMM) contains an authentication bypass vulnerability in the API component that allows an attacker to access protected resources without proper credentials via crafted API requests. This vulnerability results from an insecure implementation of the Spring Framework open-source library.

Ransomware Campaign

Unknown

References

https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM

Products affected by CVE-2025-4427

Ivanti » Endpoint Manager Mobile » Version: Any

cpe:2.3:a:ivanti:endpoint_manager_mobile:*
Ivanti » Endpoint Manager Mobile » Version: N/A

cpe:2.3:a:ivanti:endpoint_manager_mobile:-
Ivanti » Endpoint Manager Mobile » Version: 11.10.0

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.10.0
Ivanti » Endpoint Manager Mobile » Version: 11.10.0.0

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.10.0.0
Ivanti » Endpoint Manager Mobile » Version: 11.10.0.1

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.10.0.1
Ivanti » Endpoint Manager Mobile » Version: 11.10.0.2

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.10.0.2
Ivanti » Endpoint Manager Mobile » Version: 11.10.0.3

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.10.0.3
Ivanti » Endpoint Manager Mobile » Version: 11.10.0.4

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.10.0.4
Ivanti » Endpoint Manager Mobile » Version: 11.11.0

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.11.0
Ivanti » Endpoint Manager Mobile » Version: 11.11.0.0

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.11.0.0
Ivanti » Endpoint Manager Mobile » Version: 11.11.0.1

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.11.0.1
Ivanti » Endpoint Manager Mobile » Version: 11.11.0.2

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.11.0.2
Ivanti » Endpoint Manager Mobile » Version: 11.12.0.0

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.12.0.0
Ivanti » Endpoint Manager Mobile » Version: 11.12.0.1

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.12.0.1
Ivanti » Endpoint Manager Mobile » Version: 11.12.0.2

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.12.0.2
Ivanti » Endpoint Manager Mobile » Version: 11.12.0.3

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.12.0.3
Ivanti » Endpoint Manager Mobile » Version: 11.4.0

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.4.0
Ivanti » Endpoint Manager Mobile » Version: 11.4.0.0

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.4.0.0
Ivanti » Endpoint Manager Mobile » Version: 11.4.1.0

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.4.1.0
Ivanti » Endpoint Manager Mobile » Version: 11.5.0

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.5.0
Ivanti » Endpoint Manager Mobile » Version: 11.5.0.0

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.5.0.0
Ivanti » Endpoint Manager Mobile » Version: 11.6.0

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.6.0
Ivanti » Endpoint Manager Mobile » Version: 11.6.0.0

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.6.0.0
Ivanti » Endpoint Manager Mobile » Version: 11.6.0.01

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.6.0.01
Ivanti » Endpoint Manager Mobile » Version: 11.6.0.1

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.6.0.1
Ivanti » Endpoint Manager Mobile » Version: 11.7.0

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.7.0
Ivanti » Endpoint Manager Mobile » Version: 11.7.0.0

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.7.0.0
Ivanti » Endpoint Manager Mobile » Version: 11.8.0

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.8.0
Ivanti » Endpoint Manager Mobile » Version: 11.8.0.0

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.8.0.0
Ivanti » Endpoint Manager Mobile » Version: 11.8.1.0

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.8.1.0
Ivanti » Endpoint Manager Mobile » Version: 11.8.1.1

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.8.1.1
Ivanti » Endpoint Manager Mobile » Version: 11.8.1.2

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.8.1.2
Ivanti » Endpoint Manager Mobile » Version: 11.9.0

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.9.0
Ivanti » Endpoint Manager Mobile » Version: 11.9.0.0

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.9.0.0
Ivanti » Endpoint Manager Mobile » Version: 11.9.0.1

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.9.0.1
Ivanti » Endpoint Manager Mobile » Version: 11.9.1.0

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.9.1.0
Ivanti » Endpoint Manager Mobile » Version: 11.9.1.1

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.9.1.1
Ivanti » Endpoint Manager Mobile » Version: 11.9.1.2

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.9.1.2
Ivanti » Endpoint Manager Mobile » Version: 12.3.0.0

cpe:2.3:a:ivanti:endpoint_manager_mobile:12.3.0.0
Ivanti » Endpoint Manager Mobile » Version: 12.5.0.0

cpe:2.3:a:ivanti:endpoint_manager_mobile:12.5.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-4427

Products

Pricing

Contact Us