CNNVD-202602-1620 Information

Feb 10, 2026 cve

CNNVD ID

CNNVD-202602-1620

CVE-2026-1602

CNNVD Published: 2026-02-10

Description (Chinese)

Ivanti Endpoint Manager（EPM）是美国Ivanti公司的一套端点安全管理器。 Ivanti Endpoint Manager 2024 SU5之前版本存在SQL注入漏洞，该漏洞源于远程认证攻击者可读取数据库中的任意数据，可能导致SQL注入攻击。

Description (English)

Ivanti Endpoint Manager (EPM) is an end-point security manager for Ivanti USA. The previous version of Ivanti Endpoint Manager 2024 SU5 had an injection loophole in SQL, which originated from remote authentication of random data available in the database of assailants and could lead to SQL injection attacks.

Vulnerability Type

SQL注入

Affected Vendor

Ivanti

Published

2026-02-10

Last Modified

2026-02-24

References

https://hub.ivanti.com/s/article/Security-Advisory-EPM-February-2026-for-EPM-2024?language=en_US https://access.redhat.com/security/cve/cve-2026-1602

Patch

https://www.ivanti.com/

Share on: