CNNVD-202507-1025 Information

CNNVD ID

CNNVD-202507-1025

Related CVE

CVE-2025-6996

• CNNVD Published: 2025-07-08

Description (Chinese)

Ivanti Endpoint Manager（EPM）是美国Ivanti公司的一套端点安全管理器。 Ivanti Endpoint Manager 2024 SU3和2022 SU8 Security Update 1之前版本存在安全漏洞，该漏洞源于加密使用不当，可能导致解密其他用户密码。

Description (English)

Ivanti Endpoint Manager (EPM) is an end-point security manager for Ivanti USA. Ivanti Endpoint Manager 2024 SU3 and 2022 SU8 Security Update 1 had a security loophole, which stemmed from the improper use of encryption and could lead to decryption of other user passwords.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

iWT

Published

2025-07-08

Last Modified

2026-02-24

References

https://forums.ivanti.com/s/article/Security-Advisory-July-2025-for-Ivanti-EPM-2024-SU2-and-EPM-2022-SU8 https://access.redhat.com/security/cve/cve-2025-6996

Patch

https://forums.ivanti.com/s/article/Security-Advisory-July-2025-for-Ivanti-EPM-2024-SU2-and-EPM-2022-SU8