Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An External XML Entity (XXE) vulnerability in the provisioning web service of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to leak API secrets.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Ivanti Endpoint Manager 安全漏洞
Vulnerability Description
Ivanti Endpoint Manager(EPM)是美国Ivanti公司的一套端点安全管理器。 Ivanti Endpoint Manager 2024版本和2022 SU5及之前版本存在安全漏洞,该漏洞源于Ivanti EPM配置Web服务中存在外部XML实体(XXE)漏洞,允许远程未经身份验证的攻击者泄露API机密。
CVSS Information
N/A
Vulnerability Type
N/A