Ivanti Landesk Management Suite 10.0.1.168 Service Update 5
Approved changes feed: RSS · Atom
cpe:2.3:a:ivanti:landesk_management_suite:10.0.1.168:service_update_5:*:*:*:*:*:*
part: a version: 10.0.1.168 update: service_update_5
| Vendor | Ivanti (40b984ad-e54c-5e1b-9aa1-2a4cd4d61129) |
|---|---|
| Product | Landesk Management Suite (b0302527-c1a2-54c2-ad8f-d633fabe948e) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2019-12377 |
vulnerable | 2026-06-03 14:39:34.696228 |
Details available
A vulnerable upl/async_upload.asp web API endpoint in Ivanti LANDESK Management Suite (LDMS, aka Endpoint Manager) 10.0.1.168 Service Update 5 allows arbitrary file upload, which may lead to arbitrary remote code execution.
Published: 2019-06-03T19:19:43.000Z
Updated: 2024-08-04T23:17:39.896Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-12376 |
vulnerable | 2026-06-03 14:39:34.695920 |
Details available
Use of a hard-coded encryption key in Ivanti LANDESK Management Suite (LDMS, aka Endpoint Manager) 10.0.1.168 Service Update 5 may lead to full managed endpoint compromise by an authenticated user with read privileges.
Published: 2019-06-03T19:23:37.000Z
Updated: 2024-08-04T23:17:40.126Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-12375 |
vulnerable | 2026-06-03 14:39:34.695634 |
Details available
Open directories in Ivanti LANDESK Management Suite (LDMS, aka Endpoint Manager) 10.0.1.168 Service Update 5 may lead to remote information disclosure and arbitrary code execution.
Published: 2019-06-03T19:24:45.000Z
Updated: 2024-08-04T23:17:39.878Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-12374 |
vulnerable | 2026-06-03 14:39:34.695338 |
Details available
A SQL Injection vulnerability exists in Ivanti LANDESK Management Suite (LDMS, aka Endpoint Manager) 10.0.1.168 Service Update 5 due to improper username sanitization in the Basic Authentication implementation in core/provisioning.secure/ProvisioningSecure.asmx in Provisioning.Secure.dll.
Published: 2019-06-03T19:26:14.000Z
Updated: 2024-08-04T23:17:39.658Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-12373 |
vulnerable | 2026-06-03 14:39:34.694930 |
Details available
Improper access control and open directories in Ivanti LANDESK Management Suite (LDMS, aka Endpoint Manager) 10.0.1.168 Service Update 5 may lead to remote disclosure of administrator passwords.
Published: 2019-06-03T19:27:16.000Z
Updated: 2024-08-04T23:17:39.836Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.