Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-28324

A improper input validation vulnerability exists in Ivanti Endpoint Manager 2022 and below that could allow privilege escalation or remote code execution.

Published

2023-07-01T00:15:10.103

Last Modified

2024-11-21T07:54:50.630

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 9.8 (CRITICAL)

Weaknesses

Type: Primary
CWE-20
Type: Secondary
CWE-20

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	ivanti	endpoint_manager	≤ 2022	Yes

References

https://forums.ivanti.com/s/article/SA-2023-06-06-CVE-2023-28324 Vendor Advisory ([email protected])
https://forums.ivanti.com/s/article/SA-2023-06-06-CVE-2023-28324 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)