Filtered by vendor Ivanti
Subscribe
Filtered by product Endpoint Manager Cloud Services Appliance
Subscribe
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-8963 | 1 Ivanti | 1 Endpoint Manager Cloud Services Appliance | 2025-10-24 | N/A | 9.4 CRITICAL |
| Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to access restricted functionality. | |||||
| CVE-2024-9379 | 1 Ivanti | 1 Endpoint Manager Cloud Services Appliance | 2025-10-24 | N/A | 6.5 MEDIUM |
| SQL injection in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to run arbitrary SQL statements. | |||||
| CVE-2024-9380 | 1 Ivanti | 1 Endpoint Manager Cloud Services Appliance | 2025-10-24 | N/A | 7.2 HIGH |
| An OS command injection vulnerability in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to obtain remote code execution. | |||||
| CVE-2021-44529 | 1 Ivanti | 1 Endpoint Manager Cloud Services Appliance | 2025-10-22 | 7.5 HIGH | 9.8 CRITICAL |
| A code injection vulnerability in the Ivanti EPM Cloud Services Appliance (CSA) allows an unauthenticated user to execute arbitrary code with limited permissions (nobody). | |||||
| CVE-2024-9381 | 1 Ivanti | 1 Endpoint Manager Cloud Services Appliance | 2024-10-16 | N/A | 7.2 HIGH |
| Path traversal in Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to bypass restrictions. | |||||