Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
Ivanti EPM SQLi RCE (CVE-2024-29824) - Vulnerability Database

Ivanti EPM SQLi RCE (CVE-2024-29824)

Description

Ivanti EPM has an SQL injection vulnerability. An unauthenticated attacker can use this vulnerability to execute arbitrary code and compromise the system.

Remediation

Upgrade to the latest version of Ivanti EPM

References

KB Security Advisory EPM May 2024
Horizon3 AI Detailed Analysis

Related Vulnerabilities

PaloAlto Networks Expedition RCE (CVE-2024-9463) Critical
Common tags: Code Execution Known Vulnerabilities Acumonitor
Ruby on Rails DoubleTap RCE (CVE-2019-5420) High
Common tags: Code Execution Known Vulnerabilities Acumonitor
Apache Solr SSRF CVE-2017-3164 Medium
Common tags: Code Execution Known Vulnerabilities Acumonitor
Apache Struts2 Remote Command Execution (S2-053) Critical
Common tags: Code Execution Known Vulnerabilities Acumonitor
Apache Struts2 Remote Command Execution (S2-052) High
Common tags: Code Execution Known Vulnerabilities Acumonitor

Severity

High

Classification

CVE-2024-29824
CWE-89
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L

Tags

Code Execution
Sql Injection
Known Vulnerabilities
Acumonitor