CVE-2024-29847

Deserialization of untrusted data in the agent portal of Ivanti

Publication date: 2024-09-12

Last updated on: 2024-09-12

Description

Deserialization of untrusted data in the agent portal of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to achieve remote code execution.

CVSS Scores

Affected Vendors & Products

Currently, no data is known.

Helpful Resources

Vendor Advisory

Exploitability

CWE ID	Description
CWE-502	Deserialization of Untrusted Data

Ask Our AI Assistant

Need more information? Ask your question to get an AI reply (Powered by our expertise)

0/70

Meta Information

Date published:

2024-09-12

Date last modified:

2024-09-12

Date generated:

2025-01-15

NVD report:

CVE-2024-29847