CVE-2023-39336 | Ivanti Endpoint Manager up to 2022 SU4 sql injection (SA-2023-12-19 / 2022 SU5)

Posted by Angelo Barbosa | Jan 5, 2024 | CVE

A vulnerability, which was classified as critical, was found in Ivanti Endpoint Manager up to 2022 SU4. Affected is an unknown function. The manipulation leads to sql injection.

This vulnerability is traded as CVE-2023-39336. Access to the local network is required for this attack to succeed. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2023-39336 | Ivanti Endpoint Manager up to 2022 SU4 sql injection (SA-2023-12-19 / 2022 SU5)

Related Posts

CVE-2024-2294 | Backuply Plugin up to 1.2.7 on WordPress path traversal

CVE-2024-0359 | code-projects Simple Online Hotel Reservation System 1.0 login.php username/password sql injection

CVE-2024-5996 | Soar Cloud HR Portal prior 7.3.2024.0409 cleartext transmission

CVE-2024-2334 | Template Kit Plugin up to 1.0.14 on WordPress Template Upload cross site scripting