Endpoint Manager Cloud Services Appliance
Approved changes feed: RSS · Atom
cpe:2.3:a:ivanti:endpoint_manager_cloud_services_appliance:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Ivanti (40b984ad-e54c-5e1b-9aa1-2a4cd4d61129) |
|---|---|
| Product | Endpoint Manager Cloud Services Appliance (4430cfe3-f461-567d-9aa0-0a923a4cb9b0) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-9381 |
vulnerable | 2026-06-03 14:58:21.120060 |
Details available
HIGH (7.2)
Path traversal in Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to bypass restrictions.
Published: 2024-10-08T16:25:27.092Z
Updated: 2024-10-08T19:23:27.864Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-9380 |
vulnerable | 2026-06-03 14:58:21.119575 |
Details available
HIGH (7.2)
An OS command injection vulnerability in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to obtain remote code execution.
Published: 2024-10-08T16:23:49.949Z
Updated: 2025-10-21T22:55:43.528Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-9379 |
vulnerable | 2026-06-03 14:58:21.119030 |
Details available
MEDIUM (6.5)
SQL injection in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to run arbitrary SQL statements.
Published: 2024-10-08T16:23:13.310Z
Updated: 2025-10-21T22:55:43.655Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-8963 |
vulnerable | 2026-06-03 14:58:20.115694 |
Details available
CRITICAL (9.4)
Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to access restricted functionality.
Published: 2024-09-19T17:14:49.386Z
Updated: 2025-10-21T22:55:44.119Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-8190 |
vulnerable | 2026-06-03 14:58:17.375799 |
Details available
HIGH (7.2)
An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518 and before allows a remote authenticated attacker to obtain remote code execution. The attacker must have admin level privileges to exploit this vulnerability.
Published: 2024-09-10T20:33:44.793Z
Updated: 2025-10-21T22:55:44.915Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-44529 |
vulnerable | 2026-06-03 14:45:36.545004 |
Details available
A code injection vulnerability in the Ivanti EPM Cloud Services Appliance (CSA) allows an unauthenticated user to execute arbitrary code with limited permissions (nobody).
Published: 2021-12-08T00:00:00.000Z
Updated: 2025-10-21T23:25:23.846Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.