Vulnerabilities > CVE-2024-22026 - Unspecified vulnerability in Ivanti Endpoint Manager Mobile

CVSS 6.7 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

ivanti

NVD

Published: 2024-05-22

Updated: 2025-03-13

Summary

A local privilege escalation vulnerability in EPMM before 12.1.0.0 allows an authenticated local user to bypass shell restriction and execute arbitrary commands on the appliance.

Vulnerable Configurations

Part	Description	Count
Application	Ivanti Ivanti Endpoint Manager Mobile - Ivanti Endpoint Manager Mobile 11.4.0 Ivanti Endpoint Manager Mobile 11.4.0.0 Ivanti Endpoint Manager Mobile 11.4.1.0 Ivanti Endpoint Manager Mobile 11.5.0 Ivanti Endpoint Manager Mobile 11.5.0.0 Ivanti Endpoint Manager Mobile 11.6.0 Ivanti Endpoint Manager Mobile 11.6.0.0 Ivanti Endpoint Manager Mobile 11.6.0.01 Ivanti Endpoint Manager Mobile 11.6.0.1 Ivanti Endpoint Manager Mobile 11.7.0 Ivanti Endpoint Manager Mobile 11.7.0.0 Ivanti Endpoint Manager Mobile 11.8.0 Ivanti Endpoint Manager Mobile 11.8.0.0 Ivanti Endpoint Manager Mobile 11.8.1.0 Ivanti Endpoint Manager Mobile 11.8.1.1 Ivanti Endpoint Manager Mobile 11.8.1.2 Ivanti Endpoint Manager Mobile 11.9.0 Ivanti Endpoint Manager Mobile 11.9.0.0 Ivanti Endpoint Manager Mobile 11.9.0.1 Ivanti Endpoint Manager Mobile 11.9.1.0 Ivanti Endpoint Manager Mobile 11.9.1.1 Ivanti Endpoint Manager Mobile 11.9.1.2 Ivanti Endpoint Manager Mobile 11.10.0 Ivanti Endpoint Manager Mobile 11.10.0.0 Ivanti Endpoint Manager Mobile 11.10.0.1 Ivanti Endpoint Manager Mobile 11.10.0.2 Ivanti Endpoint Manager Mobile 11.10.0.3 Ivanti Endpoint Manager Mobile 11.10.0.4 Ivanti Endpoint Manager Mobile 11.11.0 Ivanti Endpoint Manager Mobile 11.11.0.0 Ivanti Endpoint Manager Mobile 11.11.0.1 Ivanti Endpoint Manager Mobile 11.11.0.2 Ivanti Endpoint Manager Mobile 11.12.0.0 Ivanti Endpoint Manager Mobile 11.12.0.1 Ivanti Endpoint Manager Mobile 11.12.0.2 Ivanti Endpoint Manager Mobile 11.12.0.3 Ivanti Endpoint Manager Mobile 12.0.0.0 Ivanti Endpoint Manager Mobile 12.0.0.1 Ivanti Endpoint Manager Mobile 12.0.0.2 Ivanti Endpoint Manager Mobile 12.0.0.3 Ivanti Endpoint Manager Mobile 12.0.0.4 Ivanti Endpoint Manager Mobile 12.0.0.5	43

Vulnerabilities > CVE-2024-22026 - Unspecified vulnerability in Ivanti Endpoint Manager Mobile

Summary

Vulnerable Configurations

Related news

References