CVE-2024-29827
published 2024-05-31

Priority P2 · 70 · high · 8.8 (CVSS 3.1)
Vector: AV:A / AC:L / PR:N / UI:N / S:U / C:H / I:H / A:H
EPSS: 71.69% (99.3rd percentile)
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code.

Affected (3 ranges)

Vendor   Product           Version range         Fixed in
ivanti   endpoint_manager  < 2022                2022
ivanti   endpoint_manager  -                     -
ivanti   epm               2022 SU5 – 2022 SU5   -

Detection & IOCs (extracted from sources)

  • Target product is Ivanti EPM (Endpoint Manager) 2022 SU5 and prior — monitor for unauthenticated SQL Injection attempts against the Core server from hosts on the same network segment
  • The vulnerability is described as 'unspecified', meaning no specific payload, endpoint, or parameter details are publicly disclosed in the available sources — detection signatures cannot be built from this advisory alone
  • Attack vector is network-adjacent (same network), not internet-facing — perimeter-only monitoring will miss exploitation attempts; internal network traffic to the Ivanti EPM Core server must be inspected
  • CVSS Base Score is 8.8 (HIGH) with CWE-89 (SQL Injection) — prioritize patching Ivanti EPM Core servers at or below version 2022 SU5

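Two checks a practitioner would want from the points above, as an added example that is not from this page, from Ivanti, or from any of the cited sources: a version test for "2022 SU5 and prior", and a log triage that shows concretely why a perimeter-only monitor misses a network-adjacent attacker. The access-log lines, the request paths and parameters, and the "adjacent" network ranges are constructed placeholders (the advisory discloses no endpoint), and the SQL-injection patterns are generic indicators, not signatures for this CVE.

```python
import ipaddress
import re
from urllib.parse import unquote_plus

# --- 1. Version test: Ivanti EPM "2022 SU5 and prior" is affected --------------
# Assumed version-string shape: a release year optionally followed by " SU<n>".
VERSION_RE = re.compile(r"^(?P<year>\d{4})(?:\s+SU(?P<su>\d+))?$")
LAST_AFFECTED = (2022, 5)  # 2022 SU5, per the advisory text


def is_affected_version(version):
    """True when the EPM version is 2022 SU5 or earlier (a bare '2022' counts as SU0)."""
    m = VERSION_RE.match(version.strip())
    if m is None:
        raise ValueError(f"unrecognised EPM version string: {version!r}")
    year = int(m.group("year"))
    su = int(m.group("su") or 0)
    return (year, su) <= LAST_AFFECTED


# --- 2. Log triage: inspect all sources, not only internet-facing ones --------
# Constructed sample access-log lines for an EPM Core server (not real traffic).
# Paths and parameters are placeholders; the advisory discloses no endpoint.
SAMPLE_LOG = """\
203.0.113.7 - - [31/May/2024:10:01:12 +0000] "GET /placeholder/search?q=printer HTTP/1.1" 200 512
10.20.30.44 - - [31/May/2024:10:02:45 +0000] "GET /placeholder/search?q=%27%20OR%201%3D1-- HTTP/1.1" 200 9812
10.20.30.44 - - [31/May/2024:10:02:51 +0000] "POST /placeholder/api?id=1%20UNION%20SELECT%20name%2Cpassword%20FROM%20users HTTP/1.1" 500 233
192.168.1.9 - - [31/May/2024:10:03:05 +0000] "GET /placeholder/status HTTP/1.1" 200 88
198.51.100.23 - - [31/May/2024:10:04:00 +0000] "GET /placeholder/search?q=1%3B%20DROP%20TABLE%20x-- HTTP/1.1" 403 0
"""

# Hypothetical segments that share a network with the EPM Core server (AV:A).
ADJACENT_NETS = [ipaddress.ip_network("10.20.30.0/24"),
                 ipaddress.ip_network("192.168.1.0/24")]

LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\d+)$'
)

# Generic SQL-injection indicators, applied to the URL-decoded request target.
SQLI_RE = re.compile(
    r"('\s*or\s+\d+\s*=\s*\d+|\bunion\s+select\b|--|;\s*drop\s+table\b)", re.I
)


def parse_line(line):
    """Parse one combined-log-style line into a dict, or None if it does not match."""
    m = LOG_RE.match(line)
    if m is None:
        return None
    rec = m.groupdict()
    rec["decoded"] = unquote_plus(rec["target"])
    return rec


def is_adjacent(src):
    """True when the source address sits on one of the assumed adjacent segments."""
    addr = ipaddress.ip_address(src)
    return any(addr in net for net in ADJACENT_NETS)


def looks_like_sqli(decoded_target):
    return SQLI_RE.search(decoded_target) is not None


def triage(log_text, perimeter_only=False):
    """Return (src, method, decoded target, status) for requests with SQLi indicators.

    perimeter_only=True models a monitor that only sees traffic from outside the
    local segments; it silently drops the adjacent requests this CVE requires.
    """
    hits = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        if perimeter_only and is_adjacent(rec["src"]):
            continue
        if looks_like_sqli(rec["decoded"]):
            hits.append((rec["src"], rec["method"], rec["decoded"], rec["status"]))
    return hits


if __name__ == "__main__":
    for v in ("2022 SU5", "2022 SU6", "2021 SU3"):
        print(f"{v:10} affected={is_affected_version(v)}")
    print("perimeter-only hits:", len(triage(SAMPLE_LOG, perimeter_only=True)))
    print("all-source hits:   ", len(triage(SAMPLE_LOG)))
    for hit in triage(SAMPLE_LOG):
        print("  ", hit)
```

On the constructed input the perimeter-only view reports a single hit (the internet-sourced request that was rejected with 403) and never sees the two requests from 10.20.30.44, one of which returned 500 bytes of server error; the all-source view reports all three. The same split applies to any detection you do build once a source publishes endpoint or parameter details.
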
CVSS provenance

Source  Version  Score  Severity  Vector
NVD     v3.1     8.8    HIGH      CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
NVD     v3.0     9.6    CRITICAL  CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

The two vectors differ only in Scope (S:U in the v3.1 assessment, S:C in the v3.0 one); that single metric accounts for the gap between 8.8 and 9.6.