A security vulnerability in EPMM Versions 11.10, 11.9 and 11.8 older allows a threat actor with knowledge of an enrolled device identifier to access and extract sensitive information, including device and environment configuration details, as well as secrets. This vulnerability poses a serious security risk, potentially exposing confidential data and system integrity.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:NIvanti Endpoint Manager Mobile
APPIvanti≤ 11.9.011.10.0 – 11.10.0.4 (bez)11.11.0 – 11.11.0.2 (bez)
Powiązane podatności
Krytyczny code injection w Ivanti Endpoint Manager Mobile (RCE bez uwierzytelnienia)
Code injection w Ivanti EPMM umożliwiający nieuwierzytelniony RCE
An authentication bypass vulnerability in Ivanti EPMM 11.10 and older, allows unauthorized users to access res...
An authentication bypass vulnerability in Ivanti EPMM allows unauthorized users to access restricted functiona...
Ivanti EPMM: obejście autoryzacji umożliwiające zdalne wykonanie poleceń