Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Endpoint_manager_mobile
(Ivanti)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 15 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-05-22 | CVE-2023-46806 | An SQL Injection vulnerability in a web component of EPMM versions before 12.1.0.0 allows an authenticated user with appropriate privilege to access or modify data in the underlying database. | Endpoint_manager_mobile | N/A | ||
| 2024-05-22 | CVE-2023-46807 | An SQL Injection vulnerability in web component of EPMM before 12.1.0.0 allows an authenticated user with appropriate privilege to access or modify data in the underlying database. | Endpoint_manager_mobile | N/A | ||
| 2025-05-13 | CVE-2025-4427 | An authentication bypass in the API component of Ivanti Endpoint Manager Mobile 12.5.0.0 and prior allows attackers to access protected resources without proper credentials via the API. | Endpoint_manager_mobile | 7.5 | ||
| 2025-05-13 | CVE-2025-4428 | Remote Code Execution in API component in Ivanti Endpoint Manager Mobile 12.5.0.0 and prior on unspecified platforms allows authenticated attackers to execute arbitrary code via crafted API requests. | Endpoint_manager_mobile | 8.8 | ||
| 2024-08-07 | CVE-2024-36132 | Insufficient verification of authentication controls in EPMM prior to 12.1.0.1 allows a remote attacker to bypass authentication and access sensitive resources. | Endpoint_manager_mobile | 7.5 |