An insufficient authorization vulnerability in web component of EPMM prior to 12.1.0.1 allows an unauthorized attacker within the network to execute arbitrary commands on the underlying operating system of the appliance.
References
Link | Resource |
---|---|
https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-for-Mobile-EPMM-July-2024 | Vendor Advisory |
Configurations
History
24 Oct 2024, 20:35
Type | Values Removed | Values Added |
---|---|---|
CWE |
12 Aug 2024, 18:52
Type | Values Removed | Values Added |
---|---|---|
First Time |
Ivanti
Ivanti endpoint Manager Mobile |
|
CPE | cpe:2.3:a:ivanti:endpoint_manager_mobile:*:*:*:*:*:*:*:* | |
CWE | CWE-287 | |
References | () https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-for-Mobile-EPMM-July-2024 - Vendor Advisory |
08 Aug 2024, 21:35
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-285 |
07 Aug 2024, 15:17
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
07 Aug 2024, 04:17
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-08-07 04:17
Updated : 2024-10-24 20:35
NVD link : CVE-2024-36130
Mitre link : CVE-2024-36130
CVE.ORG link : CVE-2024-36130
JSON object : View
Products Affected
ivanti
- endpoint_manager_mobile
CWE
CWE-287
Improper Authentication