PT-2019-11964 · Ivanti · Ivanti Endpoint Manager

Published

2019-07-11

Updated

2020-08-24

CVE-2019-10651

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Ivanti Endpoint Manager (EPM) versions 2017.3 through 2018.3 before SU3 and before the April 2019 update Ivanti Endpoint Manager (EPM) version 2018.1

Description An issue was discovered in the Core Server of Ivanti Endpoint Manager (EPM) that allows remote code execution.

Recommendations For Ivanti Endpoint Manager (EPM) versions 2017.3 through 2018.3 before SU3, apply the April 2019 update to resolve the issue. For Ivanti Endpoint Manager (EPM) version 2018.1, apply the April 2019 update to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2019-10651

Affected Products

Ivanti Endpoint Manager

PT-2019-11964 · Ivanti · Ivanti Endpoint Manager

CVE-2019-10651

Related Identifiers

Affected Products

References · 3