PT-2026-7269 · Ivanti · Ivanti Endpoint Manager
Published
2026-02-09
·
Updated
2026-02-13
·
CVE-2026-1602
CVSS v2.0
6.8
Medium
| Vector | AV:N/AC:L/Au:S/C:C/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Ivanti Endpoint Manager versions prior to 2024 SU5
Description
A SQL injection issue exists in Ivanti Endpoint Manager. A remote authenticated attacker can potentially read arbitrary data from the database through this flaw.
Recommendations
Update Ivanti Endpoint Manager to version 2024 SU5 or later.
Fix
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ivanti Endpoint Manager