Detections
Analytics
Ivanti EPM RecordGoodApp SQL Injection
high Web App Scanning Plugin ID 114433
Language:
Synopsis
Ivanti EPM RecordGoodApp SQL InjectionDescription
Ivanti Endpoint Manager (EPM) versions 2022 SU5 and below suffer from a SQL Injection vulnerability. By exploiting this vulnerability, a remote and unauthenticated attacker can achieve Remote Code Execution (RCE) on the affected system.Solution
Apply the security hotfix provided by Ivanti for version 2022 SU5 or upgrade to latest version which already includes the fix.See Also
https://forums.ivanti.com/s/article/KB-Security-Advisory-EPM-May-2024?language=en_US
https://forums.ivanti.com/s/article/Security-Advisory-May-2024?language=en_US
Plugin Details
Severity: High
ID: 114433
Type: remote
Family: Component Vulnerability
Published: 9/17/2024
Updated: 9/24/2024
Scan Template: basic, full, pci, scan
Risk Information
VPR
Risk Factor: Critical
Score: 9.4
CVSS v2
Risk Factor: High
Base Score: 8.3
Vector: CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2024-29824
CVSS v3
Risk Factor: High
Base Score: 8.8
Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS Score Source: CVE-2024-29824
Vulnerability Information
CPE: cpe:2.3:a:ivanti:endpoint_manager:*:*:*:*:*:*:*:*
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 5/21/2024
Vulnerability Publication Date: 5/21/2024
CISA Known Exploited Vulnerability Due Dates: 10/23/2024
Reference Information
CVE: CVE-2024-29824
CWE: 89
OWASP: 2010-A1, 2013-A1, 2013-A9, 2017-A1, 2017-A9, 2021-A3, 2021-A6
WASC: SQL Injection
CAPEC: 108, 109, 110, 470, 66, 7
DISA STIG: APSC-DV-002540, APSC-DV-002630
HIPAA: 164.306(a)(1), 164.306(a)(2)
ISO: 27001-A.14.2.5
NIST: sp800_53-CM-6b, sp800_53-SI-10
OWASP API: 2019-API7, 2019-API8, 2023-API8
OWASP ASVS: 4.0.2-14.2.1, 4.0.2-5.3.4