Ivanti Itsm
5 CVEs affecting Ivanti Itsm. Latest disclosed: 2024-08-13. Critical: 2, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-46808 | Critical | 9.9 | 2024-03-31 | An file upload vulnerability in Ivanti ITSM before 2023.4, allows an authenticated remote user to perform file writes to the server. Successful exploitation ma… |
CVE-2024-7569 | Critical | 9.6 | 2024-08-13 | An information disclosure vulnerability in Ivanti ITSM on-prem and Neurons for ITSM versions 2023.4 and earlier allows an unauthenticated attacker to obtain th… |
CVE-2024-22059 | High | 8.8 | 2024-05-31 | A SQL injection vulnerability in web component of Ivanti Neurons for ITSM allows a remote authenticated user to read/modify/delete information in the underlyin… |
CVE-2024-22060 | High | 8.7 | 2024-05-31 | An unrestricted file upload vulnerability in web component of Ivanti Neurons for ITSM allows a remote, authenticated, high privileged user to write arbitrary f… |
CVE-2024-7570 | High | 8.3 | 2024-08-13 | Improper certificate validation in Ivanti ITSM on-prem and Neurons for ITSM Versions 2023.4 and earlier allows a remote attacker in a MITM position to craft a… |