CVE-2024-29822
published 2024-05-31

Priority: P271 | Severity: high | CVSS 3.1: 8.8
Vector: AV:A / AC:L / PR:N / UI:N / S:U / C:H / I:H / A:H
EPSS: 64.39% (99.1th percentile)

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code.

Affected

15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ivanti | endpoint_manager | < 2022 | 2022 |
| ivanti | endpoint_manager | | |
| ivanti | epm | 2022 SU5 – 2022 SU5 | |
| msrc | microsoft_365_apps_for_enterprise_for_32-bit_systems | | |
| msrc | microsoft_365_apps_for_enterprise_for_64-bit_systems | | |
| msrc | microsoft_office_2019_for_32-bit_editions | | |
| msrc | microsoft_office_2019_for_64-bit_editions | | |
| msrc | microsoft_office_ltsc_2021_for_32-bit_editions | | |
| msrc | microsoft_office_ltsc_2021_for_64-bit_editions | | |
| msrc | microsoft_office_ltsc_2024_for_32-bit_editions | | |
| msrc | microsoft_office_ltsc_2024_for_64-bit_editions | | |
| msrc | microsoft_office_ltsc_for_mac_2021 | | |
| msrc | microsoft_office_ltsc_for_mac_2024 | | |
| msrc | microsoft_onenote_2016 | | |
| msrc | microsoft_onenote_for_mac | | |

Detection & IOCs (extracted from sources)

  • Target product is Ivanti EPM (Endpoint Manager) Core server, versions 2022 SU5 and prior — monitor for anomalous SQL-related traffic or errors originating from the Core server component
  • Attack vector is network-adjacent (same network segment) and requires no authentication — prioritize detection of unauthenticated requests to the Ivanti EPM Core server from internal/lateral network sources
  • Vulnerability class is SQL Injection (CWE-89) leading to RCE — monitor Ivanti EPM Core server logs and database logs for unexpected SQL syntax, stacked queries, or xp_cmdshell-style execution patterns
  • The vulnerability is described as 'unspecified', meaning the exact vulnerable endpoint, parameter, or payload has not been publicly disclosed in these sources — specific IOCs such as URLs, hashes, or signatures cannot be derived from available documentation
  • CVSS score of 8.8 (HIGH) reflects the network-adjacent, unauthenticated RCE impact — patching to a version beyond 2022 SU5 is the primary remediation path

CVSS provenance

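| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 8.8 | HIGH | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| nvd | v3.0 | 9.6 | CRITICAL | CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H |
| vendor_msrc | | 7.8 | HIGH | |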