CVE-2020-13769

LDMS/alert_log.aspx in Ivanti Endpoint Manager through 2020.1 allows SQL Injection via a /remotecontrolauth/api/device request.
References
Link Resource
https://forums.ivanti.com/s/ Permissions Required Vendor Advisory
https://labs.jumpsec.com/advisory-cve-2020-13769-ivanti-uem-sql-injection/ Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:ivanti:endpoint_manager:*:*:*:*:*:*:*:*

Information

Published : 2020-11-16 04:15

Updated : 2020-11-21 03:36


NVD link : CVE-2020-13769

Mitre link : CVE-2020-13769

Products Affected
No products.
CWE