CVE-2019-10651

Published: Jul 11, 2019Modified: Nov 21, 2024

9.8

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

An issue was discovered in the Core Server in Ivanti Endpoint Manager (EPM) 2017.3 before SU7 and 2018.x before 2018.3 SU3, with remote code execution. In other words, the issue affects 2017.3, 2018.1, and 2018.3 installations that lack the April 2019 update.

Affected (3)

Products: Ivanti: Endpoint Manager

Ivanti

1 product

Endpoint Manager

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Ivanti Endpoint Manager	Version 2017.3
Ivanti Endpoint Manager	Version 2018.1
Ivanti Endpoint Manager	Version 2018.3

References (2)

https://forums.ivanti.com/s/article/Security-Alert-Ivanti-Endpoint-Manager-April-2019

Source: cve@mitre.org

PatchVendor Advisory

https://forums.ivanti.com/s/article/Security-Alert-Ivanti-Endpoint-Manager-April-2019

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.