An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same network to execute arbitrary code.
https://forums.ivanti.com/s/article/KB-Security-Advisory-EPM-May-2024?language=en_US