Ivanti Endpoint Manager 2020.1
Approved changes feed: RSS · Atom
cpe:2.3:a:ivanti:endpoint_manager:2020.1:*:*:*:*:*:*:*
part: a version: 2020.1 update: *
| Vendor | Ivanti (40b984ad-e54c-5e1b-9aa1-2a4cd4d61129) |
|---|---|
| Product | Endpoint Manager (006063b4-e9bc-5f0c-b4e5-d80a079df021) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2020-13774 |
vulnerable | 2026-06-03 14:41:37.081134 |
Details available
An unrestricted file-upload issue in EditLaunchPadDialog.aspx in Ivanti Endpoint Manager 2019.1 and 2020.1 allows an authenticated attacker to gain remote code execution by uploading a malicious aspx file. The issue is caused by insufficient file extension validation and insecure file operations on the uploaded image, which upon failure will leave the temporarily created files in an accessible location on the server.
Published: 2020-11-12T19:22:15.000Z
Updated: 2024-08-04T12:25:16.517Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.