cbcvebase.
CVE-2024-29823
published 2024-05-31

Priority: P2 · 72
Severity: high (8.8, CVSS 3.1)
Vector: AV:A / AC:L / PR:N / UI:N / S:U / C:H / I:H / A:H
EPSS: 99.86% (100.0th percentile)
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code.

Affected

3 ranges

Vendor | Product          | Version range         | Fixed in
ivanti | endpoint_manager | < 2022                | 2022
ivanti | endpoint_manager |                       |
ivanti | epm              | 2022 SU5 – 2022 SU5   |

Detection & IOCs (extracted from sources)

  • Target product is Ivanti EPM (Endpoint Manager) Core server, versions 2022 SU5 and prior — monitor for anomalous or unauthenticated SQL-related traffic directed at the Core server component
  • Attack vector is adjacent network (same network segment) — focus detection on lateral movement or rogue devices on the same network attempting to reach the Ivanti EPM Core server
  • Classify as SQL Injection (CWE-89) — monitor Ivanti EPM Core server logs for malformed or unexpected SQL syntax in inbound requests, especially from unauthenticated sessions
  • The SQL Injection vulnerability is described as 'unspecified', meaning no specific endpoint, parameter, or payload details are publicly disclosed — detection must rely on behavioral and anomaly-based approaches rather than signature matching
  • CVSS score of 8.8 (HIGH) with adjacent network attack vector means exploitation requires the attacker to be on the same network — network segmentation of the EPM Core server is a key mitigating control

CVSS provenance

Source | Version | Score | Severity | Vector
nvd    | v3.1    | 8.8   | HIGH     | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd    | v3.0    | 9.6   | CRITICAL | CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H