Aler Ivanti Releases Patch for Critical Vulnerability in Endpoint Manager Solution

To fix a severe weakness affecting its Endpoint Manager (EPM) solution, Ivanti has published security upgrades. If successfully exploited, this flaw might lead to remote code execution (RCE) on vulnerable servers.

The vulnerability, identified as CVE-2023-39336, has received a score of 9.6 out of 10 on the CVSS evaluation system. The flaw affects EPM 2022 and EPM 2021 before SU5. “If exploited, an attacker with access to the internal network can leverage an unspecified SQL injection to execute arbitrary SQL queries and retrieve output without the need for authentication,” Ivanti stated in a security advisory.

Aler Ivanti Releases Patch for Critical Vulnerability in Endpoint Manager Solution

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address

Aler Ivanti Releases Patch for Critical Vulnerability in Endpoint Manager Solution

05-Jan-24

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address