- Description
- Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information.
- Source
- 3c1d8aa1-5a33-4ea4-8992-aadd6440af75
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- 3c1d8aa1-5a33-4ea4-8992-aadd6440af75
- CWE-36
- Hype score
- Not currently trending
https://t.co/ZYzEf3Pq9G has unveiled four critical vulnerabilities in Ivanti EPM (CVE-2024-10811, CVE-2024-13161, CVE-2024-13160, CVE-2024-13159) with a CVSS score of 9.8. Major risk for server security 🌐💻 #Ivanti #Vulnerability #USA link: https://t.co/aXrPlEvX1n https://t.co/
@TweetThreatNews
20 Feb 2025
46 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical Path Traversal Vulnerabilities (CVE-2024-10811, CVE-2024-13161, CVE-2024-13160, and CVE-2024-13159) in Ivanti Endpoint Manager https://t.co/gQZPuZDaBu
@WhalersLtd
19 Jan 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Multiples critical security flaws in Ivanti Endpoint Manager: - CVE-2024-10811 - CVE-2024-13161 - CVE-2024-13160 - CVE-2024-13159 The vulnerability is actively exploited in the wild and has been integrated into Patrowl. Our customers assets are protected. 🦉 #InfoSec https://t
@Patrowl_io
17 Jan 2025
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#Ivanti: Researcher Uncovers Critical Vulnerabilities in Multiple Versions of Ivanti Endpoint Manager (#EPM) and Ivanti Avalanche Application Control Engine. CVE-2024-10811, CVE-2024-13161, CVE-2024-13160, CVE-2024-13159 have been patched - update! 👇 https://t.co/QH98ZOYgYO
@securestep9
16 Jan 2025
66 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes