CVE-2024-29824
Ivanti Endpoint Manager (EPM) SQL Injection Vulnerability
Ivanti Endpoint Manager (EPM) contains a SQL injection vulnerability in Core server that allows an unauthenticated attacker within the same network to execute arbitrary code. Vendor/Product: Ivanti Endpoint Manager (EPM). Added to CISA KEV 2024-10-02; required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.