CVE-2024-37397 – Ivanti EPM XXE Leak

CVE ID : CVE-2024-37397

Published : Sept. 12, 2024, 2:15 a.m. | 1 hour, 6 minutes ago

Description : An External XML Entity (XXE) vulnerability in the provisioning web service of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to leak API secrets.

Severity: 8.2 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…CVE ID : CVE-2024-37397

Published : Sept. 12, 2024, 2:15 a.m. | 1 hour, 6 minutes ago

Description : An External XML Entity (XXE) vulnerability in the provisioning web service of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to leak API secrets.

Severity: 8.2 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…