Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-38648 | 1 Ivanti | 1 Desktop \& Server Management | 2025-07-17 | N/A | 5.7 MEDIUM |
| A hardcoded secret in Ivanti DSM before 2024.2 allows an authenticated attacker on an adjacent network to decrypt sensitive data including user credentials. | |||||
| CVE-2024-7572 | 1 Ivanti | 1 Desktop \& Server Management | 2025-07-11 | N/A | 7.1 HIGH |
| Insufficient permissions in Ivanti DSM before version 2024.3.5740 allows a local authenticated attacker to delete arbitrary files. | |||||
| CVE-2024-29821 | 1 Ivanti | 1 Desktop \& Server Management | 2025-07-10 | N/A | 7.8 HIGH |
| Ivanti DSM < version 2024.2 allows authenticated users on the local machine to run code with elevated privileges due to insecure ACL via unspecified attack vector. | |||||
| CVE-2024-29213 | 1 Ivanti | 1 Desktop \& Server Management | 2025-07-10 | N/A | 7.8 HIGH |
| Ivanti DSM < version 2024.2 allows authenticated users on the local machine to run code with elevated privileges due to insecure ACL via unspecified attack vector. | |||||
| CVE-2023-28129 | 1 Ivanti | 1 Desktop \& Server Management | 2024-11-21 | N/A | 7.8 HIGH |
| DSM 2022.2 SU2 and all prior versions allows a local low privileged account to execute arbitrary OS commands as the DSM software installation user. | |||||