Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
2DescriptionCVE.org
An exposed dangerous method on the Core Server of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to leak access credentials.
AnalysisAI
Remote authenticated attackers can exploit an exposed dangerous method on the Core Server of Ivanti Endpoint Manager versions before 2024 SU6 to leak access credentials. The vulnerability requires valid authentication credentials to exploit and does not allow code execution or system modification, but compromises confidentiality by exposing sensitive authentication material that could facilitate lateral movement or account takeover.
Technical ContextAI
Ivanti Endpoint Manager's Core Server exposes a method that is not properly restricted or secured, falling under CWE-749 (Exposed Dangerous Method or Function). This represents an API or internal function design flaw where privileged operations or sensitive data access are inadequately protected from authenticated users. The vulnerability affects the Ivanti Endpoint Manager product line, a widely-deployed enterprise endpoint management and security solution. The exposed method likely handles credential storage, retrieval, or management operations, allowing authenticated users to bypass normal access controls and retrieve credentials that should remain protected.
RemediationAI
Immediately upgrade Ivanti Endpoint Manager to version 2024 SU6 or later per the vendor security advisory at https://hub.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-EPM-May-2026?language=en_US. If upgrade cannot be immediately deployed, restrict network access to the Ivanti Endpoint Manager Core Server to trusted administrative networks and subnets only; implement firewall rules limiting access to the Core Server port to authorized administrative staff. Additionally, audit and enforce principle of least privilege for user accounts with access to Endpoint Manager administration functions, and monitor audit logs for unusual credential retrieval or API method calls. Disable or restrict the dangerous exposed method via application configuration if supported by your Endpoint Manager version; consult vendor documentation for method-specific hardening options. These compensating controls reduce but do not eliminate risk - patching remains the primary remediation.
Authentication bypass in Ivanti Virtual Traffic Manager (vTM) admin panel allows remote unauthenticated attackers to gai
Ivanti Endpoint Manager contains an absolute path traversal vulnerability allowing unauthenticated remote attackers to l
Ivanti Endpoint Manager contains a second absolute path traversal vulnerability for unauthenticated information disclosu
Ivanti Endpoint Manager contains a third absolute path traversal vulnerability for unauthenticated information disclosur
Ivanti Connect Secure, Policy Secure, and Neurons for ZTA contain a stack-based buffer overflow allowing unauthenticated
An authentication bypass in the API component of Ivanti Endpoint Manager Mobile 12.5.0.0 and prior allows attackers to a
Ivanti Endpoint Manager Mobile (EPMM) contains a critical code injection vulnerability (CVE-2026-1281, CVSS 9.8) that al
Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability that allows unauthenticated attackers to a
Ivanti Connect Secure, Policy Secure, and ZTA Gateways contain a stack-based buffer overflow enabling unauthenticated re
Ivanti Endpoint Manager Mobile (EPMM) contains an authenticated code injection in the API component, allowing authentica
Ivanti Endpoint Manager before 2024 SU5 contains an authentication bypass (CVE-2026-1603, CVSS 8.6) that allows unauthen
Remote code execution in Ivanti Sentry before R10.5.2, R10.6.2, and R10.7.1 allows unauthenticated remote attackers to a
Same weakness CWE-749 – Exposed Dangerous Method or Function
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-29489
GHSA-5fg5-92p6-87xv