SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary data from the database.
2025-10-13T22:15:34.910
2025-10-15T19:01:00.530
Analyzed
3c1d8aa1-5a33-4ea4-8992-aadd6440af75
CVSSv3.1: 6.5 (MEDIUM)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | ivanti | endpoint_manager | < 2024 | Yes |
| Application | ivanti | endpoint_manager | 2024 | Yes |
| Application | ivanti | endpoint_manager | 2024 | Yes |
| Application | ivanti | endpoint_manager | 2024 | Yes |
| Application | ivanti | endpoint_manager | 2024 | Yes |
| Application | ivanti | endpoint_manager | 2024 | Yes |