Vulnerabilities > Ivanti > Endpoint Manager Mobile > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-07 | CVE-2024-36131 | Deserialization of Untrusted Data vulnerability in Ivanti Endpoint Manager Mobile An insecure deserialization vulnerability in web component of EPMM prior to 12.1.0.1 allows an authenticated remote attacker to execute arbitrary commands on the underlying operating system of the appliance. | 8.8 |
| 2024-08-07 | CVE-2024-36132 | Improper Authentication vulnerability in Ivanti Endpoint Manager Mobile Insufficient verification of authentication controls in EPMM prior to 12.1.0.1 allows a remote attacker to bypass authentication and access sensitive resources. | 7.5 |
| 2023-08-03 | CVE-2023-35081 | Path Traversal vulnerability in Ivanti Endpoint Manager Mobile A path traversal vulnerability in Ivanti EPMM versions (11.10.x < 11.10.0.3, 11.9.x < 11.9.1.2 and 11.8.x < 11.8.1.2) allows an authenticated administrator to write arbitrary files onto the appliance. | 7.2 |