Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Very High

CVE-2021-44529

Disclosure Date: December 08, 2021 (last updated February 23, 2025)
A code injection vulnerability in the Ivanti EPM Cloud Services Appliance (CSA) allows an unauthenticated user to execute arbitrary code with limited permissions (nobody).
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
1
1
Attacker Value
Unknown

CVE-2024-8963

Disclosure Date: September 19, 2024 (last updated February 26, 2025)
Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to access restricted functionality.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0