PT-2024-1067 · Ivanti · Ivanti Edm+2

Published: 2024-01-05 · Updated: 2024-09-11 · CVE-2023-39336

CVSS v3.1: 9.6 (Critical)

Vector: AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Ivanti Endpoint Manager versions prior to 2022 SU 5

Description

The issue is a SQL injection vulnerability that can be exploited without authentication to execute arbitrary SQL queries and retrieve their output. Under specific circumstances, this may also lead to remote code execution on the core server. The vulnerability can allow attackers to alter database commands, leading to unauthorized actions and data access on the server. Approximately 2,606 devices are potentially affected, mainly distributed in the United States, France, and other countries.

Recommendations

For Ivanti Endpoint Manager versions prior to 2022 SU 5, install Ivanti EPM 2022 Service Update 5 immediately to resolve the issue. As a temporary workaround, consider restricting access to the internal network to minimize the risk of exploitation. Additionally, placing devices running Ivanti EDM behind a firewall is a best practice and will go a long way toward mitigating the severity of the issue.

Fix

SQL injection

Weakness Enumeration

Related Identifiers

BDU:2024-00303
CVE-2023-39336

Affected Products

Ivanti Edm
Ivanti Epm
Ivanti Endpoint Manager