CVE-2024-50330

Published Nov 12, 2024

Last updated 4 days ago

CVSS critical 9.8

Overview

Description
SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote unauthenticated attacker to achieve remote code execution.
Source
3c1d8aa1-5a33-4ea4-8992-aadd6440af75
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
9.8
Impact score
5.9
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity
CRITICAL

Weaknesses

134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE-89
3c1d8aa1-5a33-4ea4-8992-aadd6440af75
CWE-89

Social media

Hype score
Not currently trending

  1. CVE-2024-50330 ::: CVSS Base Score 9.8 Patch your Ivanti Endpoint Manager NOW!! #PatchNOW #cybersecurity #ComputerSecurity #Vulnerability #hacked #Cyberattack #infosec #informationsecurity #DataBreach https://t.co/t0gGoWcpPJ

    @patchnow24x7

    14 Nov 2024

    17 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  2. CVE-2024-50330 ::: CVSS Base Score 9.8 Patch your Ivanti Endpoint Manager NOW!! #PatchNOW Technical Details, Analysis and Patch Download: https://t.co/JnYiHQlJzu #cybersecurity #ComputerSecurity #hacked #Cyberattack #infosec #informationsecurity #DataBreach https://t.co/gm0zO1J

    @patchnow24x7

    14 Nov 2024

    313 Impressions

    1 Retweet

    1 Like

    1 Bookmark

    0 Replies

    3 Quotes

  3. 🚨 CVE-2024-50330 (CVSS 9.8): Unpatched Ivanti Endpoint Manager Vulnerable to RCE Attacks A critical SQL injection flaw in Ivanti Endpoint Manager could allow remote code execution (RCE) by unauthenticated attackers. Ivanti’s November Security Update addresses this vulnerability

    @Ransom_DB

    12 Nov 2024

    98 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. CVE-2024-50330 (CVSS 9.8): Unpatched Ivanti Endpoint Manager Vulnerable to RCE Attacks https://t.co/GWN863o4bY

    @Dinosn

    12 Nov 2024

    2173 Impressions

    7 Retweets

    22 Likes

    4 Bookmarks

    1 Reply

    2 Quotes

  5. [CVE-2024-50330: CRITICAL] Beware: Unpatched Ivanti Endpoint Manager vulnerable to SQL injection, enabling remote code execution by attackers. Update before Nov 2022/2024 for security.#cybersecurity,#vulnerability https://t.co/IyYHdoCWjv https://t.co/52ta0KEZKs

    @CveFindCom

    12 Nov 2024

    46 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. CVE-2024-50330 SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote unauthenticated attacker to achieve… https://t.co/oRCFjbH2FD

    @CVEnew

    12 Nov 2024

    183 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References