Security Advisory

CVE-2024-13162

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-01-14 17:23:48

Last updated 2026-02-26 19:09:27

Assigner ivanti

State PUBLISHED

Description

SQL injection in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution. This CVE addresses incomplete fixes from CVE-2024-32848.

← Browse all CVEs View on cve.org ↗