SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.
References
Configurations
No configuration.
History
13 Nov 2024, 19:35
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
CWE | CWE-89 |
13 Nov 2024, 02:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-11-13 02:15
Updated : 2024-11-13 19:35
NVD link : CVE-2024-32844
Mitre link : CVE-2024-32844
CVE.ORG link : CVE-2024-32844
JSON object : View
Products Affected
No product.
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')