CVE-2022-27773
https://notcve.org/view.php?id=CVE-2022-27773
A privilege escalation vulnerability is identified in Ivanti EPM (LANDesk Management Suite) that allows a user to execute commands with elevated privileges. Se identifica una vulnerabilidad de escalada de privilegios en Ivanti EPM (LANDesk Management Suite) que permite a un usuario ejecutar comandos con privilegios elevados. • https://forums.ivanti.com/s/article/Security-Advisory-for-Ivanti-Endpoint-Manager-Client-CVE-2022-27773?language=en_US •
CVE-2022-30121
https://notcve.org/view.php?id=CVE-2022-30121
The “LANDesk(R) Management Agent” service exposes a socket and once connected, it is possible to launch commands only for signed executables. This is a security bug that allows a limited user to get escalated admin privileges on their system. El servicio "LANDesk(R) Management Agent" expone un socket y una vez conectado, es posible lanzar comandos sólo para los ejecutables firmados. Este es un bug de seguridad que permite a un usuario limitado conseguir privilegios de administrador escalados en su sistema. • https://forums.ivanti.com/s/article/Security-Advisory-for-Ivanti-Endpoint-Manager-Client-CVE-2022-30121?language=en_US •
CVE-2021-44529 – Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) Code Injection Vulnerability
https://notcve.org/view.php?id=CVE-2021-44529
A code injection vulnerability in the Ivanti EPM Cloud Services Appliance (CSA) allows an unauthenticated user to execute arbitrary code with limited permissions (nobody). Una vulnerabilidad de inyección de código en Ivanti EPM Cloud Services Appliance (CSA) permite a un usuario no autenticado ejecutar código arbitrario con permisos limitados (nobody) Ivanti Endpoint Manager CSA versions 4.5 and 4.6 suffer from an unauthenticated remote code execution vulnerability. Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) contains a code injection vulnerability that allows an unauthenticated user to execute malicious code with limited permissions (nobody). • https://www.exploit-db.com/exploits/50833 https://github.com/jax7sec/CVE-2021-44529 https://github.com/jkana/CVE-2021-44529 http://packetstormsecurity.com/files/166383/Ivanti-Endpoint-Manager-CSA-4.5-4.6-Remote-Code-Execution.html http://packetstormsecurity.com/files/170590/Ivanti-Cloud-Services-Appliance-CSA-Command-Injection.html https://forums.ivanti.com/s/article/SA-2021-12-02 https://attackerkb.com/topics/XTKrwlZd7p/cve-2021-44529 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2020-13773
https://notcve.org/view.php?id=CVE-2020-13773
Ivanti Endpoint Manager through 2020.1.1 allows XSS via /LDMS/frm_splitfrm.aspx, /LDMS/licensecheck.aspx, /LDMS/frm_splitcollapse.aspx, /LDMS/alert_log.aspx, /LDMS/ServerList.aspx, /LDMS/frm_coremainfrm.aspx, /LDMS/frm_findfrm.aspx, /LDMS/frm_taskfrm.aspx, and /LDMS/query_browsecomp.aspx. Ivanti Endpoint Manager versiones hasta 2020.1.1, permite un ataque de tipo XSS por medio de los archivos /LDMS/frm_splitfrm.aspx, /LDMS/licensecheck.aspx, /LDMS/frm_splitcollapse.aspx, /LDMS/alert_log.aspx, /LDMS/ServerList.aspx, /LDMS /frm_coremainfrm. aspx, /LDMS/frm_findfrm.aspx, /LDMS/frm_taskfrm.aspx y /LDMS/query_browsecomp.aspx • https://forums.ivanti.com/s https://labs.jumpsec.com/cve-2020-13773-ivanti-uem-reflected-xss • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2020-13769
https://notcve.org/view.php?id=CVE-2020-13769
LDMS/alert_log.aspx in Ivanti Endpoint Manager through 2020.1 allows SQL Injection via a /remotecontrolauth/api/device request. El archivo LDMS/alert_log.aspx en Ivanti Endpoint Manager versiones hasta 2020.1, permite una inyección SQL por medio de una petición de /remotecontrolauth/api/device • https://forums.ivanti.com/s https://labs.jumpsec.com/advisory-cve-2020-13769-ivanti-uem-sql-injection • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •