Vulnerabilities > Ivanti > Landesk Management Suite > High

DATE CVE VULNERABILITY TITLE RISK
2019-06-03 CVE-2019-12374 SQL Injection vulnerability in Ivanti Landesk Management Suite 10.0.1.168
A SQL Injection vulnerability exists in Ivanti LANDESK Management Suite (LDMS, aka Endpoint Manager) 10.0.1.168 Service Update 5 due to improper username sanitization in the Basic Authentication implementation in core/provisioning.secure/ProvisioningSecure.asmx in Provisioning.Secure.dll.
network
high complexity
ivanti CWE-89
8.1
8.1