CVE-2024-37381 Information

Description

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2024 flat allows an authenticated attacker within the same network to execute arbitrary code.

Reference

https://forums.ivanti.com/s/article/Security-Advisory-EPM-July-2024-for-EPM-2024