Detections
Analytics

Ivanti EPM XML External Entity

high Web App Scanning Plugin ID 114524

Synopsis

Ivanti EPM XML External Entity

Description

Ivanti Endpoint Manager (EPM) versions < 2022 SU6 / 2024 SU1 are vulnerable to an XML External Entity allowing an unauthenticated attacker to read arbitrary files from the system via a specially crafted request.

Solution

Apply the security hotfix provided by Ivanti for version 2022 SU5 and 2024, or upgrade to latest version which already includes the fix.

See Also

https://forums.ivanti.com/s/article/Security-Advisory-EPM-September-2024-for-EPM-2024-and-EPM-2022

Plugin Details

Severity: High

ID: 114524

Type: remote

Published: 12/3/2024

Updated: 12/3/2024

Scan Template: basic, full, pci, scan

Risk Information

CVSS v2

Risk Factor: High

Base Score: 8.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:P/A:N

CVSS Score Source: Tenable

CVSS v3

Risk Factor: High

Base Score: 8.2

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

CVSS Score Source: Tenable

Vulnerability Information

CPE: cpe:2.3:a:ivanti:endpoint_manager:*:*:*:*:*:*:*:*

Patch Publication Date: 9/10/2024

Vulnerability Publication Date: 9/10/2024

Reference Information