GCVE - cpe:2.3:a:ivanti:endpoint_manager_cloud_services

Approved changes feed: RSS · Atom

cpe:2.3:a:ivanti:endpoint_manager_cloud_services_appliance:4.6:-:*:*:*:*:*:*

part: a version: 4.6 update: -

Vendor	Ivanti (`40b984ad-e54c-5e1b-9aa1-2a4cd4d61129`)
Product	Endpoint Manager Cloud Services Appliance (`4430cfe3-f461-567d-9aa0-0a923a4cb9b0`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-8963`	vulnerable	2026-06-03 14:58:20.117116	Details available CRITICAL (9.4) Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to access restricted functionality. Published: 2024-09-19T17:14:49.386Z Updated: 2025-10-21T22:55:44.119Z Open on db.gcve.eu Reference links https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-CSA-4-6-Cloud-Services-Appliance-CVE-2024-8963	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-44529`	vulnerable	2026-06-03 14:45:36.545570	Details available A code injection vulnerability in the Ivanti EPM Cloud Services Appliance (CSA) allows an unauthenticated user to execute arbitrary code with limited permissions (nobody). Published: 2021-12-08T00:00:00.000Z Updated: 2025-10-21T23:25:23.846Z Open on db.gcve.eu Reference links https://forums.ivanti.com/s/article/SA-2021-12-02 http://packetstormsecurity.com/files/166383/Ivanti-Endpoint-Manager-CSA-4.5-4.6-Remote-Code-Execution.html http://packetstormsecurity.com/files/170590/Ivanti-Cloud-Services-Appliance-CSA-Command-Injection.html	Imported from gcve-enriched-dumps CVE data

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.