Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Deserialization of untrusted data in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to achieve remote code execution. Local user interaction is required.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
可信数据的反序列化
Vulnerability Title
Ivanti EPM 代码问题漏洞
Vulnerability Description
Ivanti EPM是美国Ivanti公司的一个一站式管理用户配置文件和所有客户端设备的软件。 Ivanti EPM存在代码问题漏洞,该漏洞源于包含一个不受信任的数据反序列化问题。允许远程未经身份验证的攻击者利用该漏洞可以实现远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A