A vulnerability has been discovered in Ivanti Endpoint Manager Mobile which could allow for unauthorized access to specific API paths. Ivanti Endpoint Manager Mobile is a mobile management software engine that enables IT to set policies for mobile devices, applications and content. If successfully exploited, an attacker could gain unauthorized access to the database, potentially accessing users’ personally identifiable information such as names and phone numbers. Additionally, the attacker can potentially make configuration changes to the server, including creating an administrative account that can make further changes to a vulnerable system.
More Stories
xen-4.19.0-4.fc41
FEDORA-2024-60809cb44e Packages in this update: xen-4.19.0-4.fc41 Update description: x86: Deadlock in vlapic_error() [XSA-462, CVE-2024-45817] Read More
USN-7031-1: Puma vulnerability
It was discovered that Puma incorrectly handled parsing certain headers. A remote attacker could possibly use this issue to overwrite...
USN-7030-1: py7zr vulnerability
It was discovered that py7zr was vulnerable to path traversal attacks. If a user or automated system were tricked into...
CyberDanube Security Research 20240919-0 | Multiple Vulnerabilities in Netman204
Posted by Thomas Weber via Fulldisclosure on Sep 23 CyberDanube Security Research 20240919-0 ------------------------------------------------------------------------------- title| Multiple Vulnerabilities product| Netman 204...
Submit Exploit CVE-2024-42831
Posted by arfaoui haythem on Sep 23 # Exploit Title: Reflected XSS in Elaine's Realtime CRM Automation v6.18.17 # Date:...