Exposures › CVE-2024-13161
CVE-2024-13161
Severity
high · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2025-03-10
Reference
⌖ exploited in the wild
shame 50/100
exploited-in-wild
Ivanti Endpoint Manager (EPM) contains an absolute path traversal vulnerability that allows a remote unauthenticated attacker to leak sensitive information.
Players implicated
Description
Ivanti Endpoint Manager (EPM) contains an absolute path traversal vulnerability that allows a remote unauthenticated attacker to leak sensitive information.
Affected FedRAMP products 2 in the catalog
| Product | Provider | Status | Match |
|---|---|---|---|
| Ivanti Neurons for ITSM (Formerly Service Manager) | Ivanti | Authorized | vendor-exact · 0.90 |
| Ivanti Neurons for MDM (Formerly MobileIron) | Ivanti | Authorized | vendor-exact · 0.90 |