To fix ten vulnerabilities in its Endpoint Manager, Ivanti published a security advisory.
Background: Ivanti Endpoint Manager consists of a wide variety of powerful and easy-to-use tools that allaAll clients, devices and user profiles can be managed in one location with the Ivanti Endpoint Manager. The application is compatible with Linux, Windows, macOS, and IoT. By utilizing cutting-edge discovery and inventory technology, it offers a wealth of information regarding both managed and unmanaged devices.
Critical and high-security vulnerabilities are assigned to the vulnerabilities.
An attacker with access to the internal network can run any SQL query and obtain output without requiring authentication if the vulnerability is successful. The attacker may then be able to take control of the devices that the EPM agent is running on. RCE on the core server may result from the core server being set up to use SQL Express.
Vulnerabilities:
Details on the vulnerability are shown in the table below:
| CVE | Description | CVSS | Vector |
| CVE-2024-29822 | An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code. | 9.6 | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H |
| CVE-2024-29823 | An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code. | 9.6 | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H |
| CVE-2024-29824 | An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code. | 9.6 | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H |
| CVE-2024-29825 | An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code. | 9.6 | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H |
| CVE-2024-29826 | An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code. | 9.6 | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H |
| CVE-2024-29827 | An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code. | 9.6 | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H |
| CVE-2024-29828 | An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same network to execute arbitrary code. | 8.4 | CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
|
| CVE-2024-29829 | An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same network to execute arbitrary code. | 8.4 | CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
|
| CVE-2024-29830 | An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same network to execute arbitrary code. | 8.4 | CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
|
| CVE-2024-29846 | An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same network to execute arbitrary code. | 8.4 | CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H |
These unidentified SQL Injection vulnerabilities affect Ivanti EPM 2022 SU5 and earlier versions of Core servers. An unauthorized attacker on the same network may be able to run any code through these vulnerabilities:
CVE-2024-29822
CVE-2024-29823
CVE-2024-29824
CVE-2024-29825
CVE-2024-29826
CVE-2024-29827
Ivanti EPM 2022 SU5 and earlier versions of the Core server are vulnerable to these unidentified SQL Injection vulnerabilities. Any code could be executed by an authenticated attacker on the same network through these vulnerabilities:
CVE-2024-29828
CVE-2024-29829
CVE-2024-29830
CVE-2024-29846
Mitigation:
To fix vulnerabilities, Ivanti has published a hot patch for EPM 2022 SU5:
| Algo | Hash | File |
| SHA256 | 52692068188BA8ABB579E3CB2874638207FBC5C4F3E764E5F4BD3B48DD771A9F | LANDesk.AlertManager.Business.dll |
| SHA256 | C3378FCD23792161F301A9FEFA1F94B696243983C6CEF58148652BAEFCE288CA | LANDesk.AlertManager.Data.dll |
| SHA256 | 8CD9F17EEABA469A768D5D1D48D7EC9BB7DB6439004B05A34B236B0280C76670 | PatchApi.dll |
| SHA256 | FB88A58E967C504C4A0A07672627D95AA7374C468D9B636E4696A4D418D2A0AD | PatchBiz.dll |