cbcvebase.
CVE-2024-29825
published 2024-05-31

CVE-2024-29825: An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to…

PriorityP272high8.8CVSS 3.1
AVAACLPRNUINSUCHIHAH
EPSS
99.88%
100.0th percentile
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code.

Affected

3 ranges
VendorProductVersion rangeFixed in
ivantiendpoint_manager< 20222022
ivantiendpoint_manager
ivantiepm2022 SU5 – 2022 SU5

Detection & IOCsextracted from sources · hover to see the quote

  • Vulnerability class is SQL Injection (CWE-89) in the Core server of Ivanti EPM 2022 SU5 and prior — monitor for anomalous SQL syntax in requests targeting the EPM Core server endpoint
  • Attack vector is network-adjacent (same network segment) and requires no authentication — prioritize detection on internal network segments hosting Ivanti EPM Core servers for unauthenticated SQL injection attempts
  • ·Vulnerability details are described as 'unspecified' — no specific endpoint, parameter, or payload has been publicly disclosed, limiting precise signature-based detection
  • ·Affected versions are Ivanti EPM 2022 SU5 and prior — scope detection and patching efforts accordingly

CVSS provenance

nvdv3.18.8HIGHCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv3.09.6CRITICALCVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.