GCVE - cpe:2.3:a:ivanti:endpoint_manager:2024:su4_security_release

Approved changes feed: RSS · Atom

cpe:2.3:a:ivanti:endpoint_manager:2024:su4_security_release_1:*:*:*:*:*:*

part: a version: 2024 update: su4_security_release_1

Vendor	Ivanti (`40b984ad-e54c-5e1b-9aa1-2a4cd4d61129`)
Product	Endpoint Manager (`006063b4-e9bc-5f0c-b4e5-d80a079df021`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2026-8111`	vulnerable	2026-06-03 15:27:57.654514	Details available HIGH (8.8) SQL injection in the web console of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to achieve remote code execution. Published: 2026-05-12T14:33:45.708Z Updated: 2026-05-13T03:57:54.231Z Open on db.gcve.eu Reference links https://hub.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-EPM-May-2026?language=en_US	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2026-8110`	vulnerable	2026-06-03 15:27:57.653404	Details available HIGH (7.8) Incorrect permissions assignment in the agent of Ivanti Endpoint Manager before version 2024 SU6 allows a local authenticated attacker to escalate their privileges. Published: 2026-05-12T14:31:26.135Z Updated: 2026-05-13T03:57:53.140Z Open on db.gcve.eu Reference links https://hub.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-EPM-May-2026?language=en_US	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2026-8109`	vulnerable	2026-06-03 15:27:57.649542	Details available MEDIUM (6.5) An exposed dangerous method on the Core Server of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to leak access credentials. Published: 2026-05-12T14:29:10.500Z Updated: 2026-05-12T18:58:58.165Z Open on db.gcve.eu Reference links https://hub.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-EPM-May-2026?language=en_US	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2026-1603`	vulnerable	2026-06-03 15:14:44.735124	Details available HIGH (8.6) An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthenticated attacker to leak specific stored credential data. Published: 2026-02-10T15:09:35.459Z Updated: 2026-03-10T03:55:23.819Z Open on db.gcve.eu Reference links https://hub.ivanti.com/s/article/Security-Advisory-EPM-February-2026-for-EPM-2024?language=en_US	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Endpoint Manager

PURL mappings

Vulnerability references

Contribute