Security Advisory

CVE-2024-37397

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-09-12 01:09:56

Last updated 2024-09-13 15:48:43

Assigner hackerone

State PUBLISHED

Description

An External XML Entity (XXE) vulnerability in the provisioning web service of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to leak API secrets.

← Browse all CVEs View on cve.org ↗