- Description
- SQL injection in the web console of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to achieve remote code execution.
- Source
- 3c1d8aa1-5a33-4ea4-8992-aadd6440af75
- NVD status
- Analyzed
- Products
- endpoint_manager
CVSS 3.1
- Type
- Secondary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- 3c1d8aa1-5a33-4ea4-8992-aadd6440af75
- CWE-89
- Hype score
- Not currently trending
Warning: Multiple critical and high vulnerabilities in #Ivanti #EndpointManager #EPM #VirtualTrafficManager #VTM #Xtraction #CVE-2026-8043 #CVE-2026-8051 #CVE-2026-8111 #CVE-2026-8110 CVSS: 9.6.-7.2 For details visit our advisory https://t.co/Kg7jumeLXg #Patch #Patch #Patch
@CCBalert
14 May 2026
183 Impressions
2 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
⚠️ HIGH — CVE-2026-8111 SQL injection in the web console of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attac… CVSS 8.8 Full analysis → https://t.co/v0sYNcCQv9 #Ivanti #CyberSecurity #InfoSec
@KaitanSecurity
12 May 2026
28 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ivanti:endpoint_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "372561DA-DEAF-47DA-99B3-8BBBDADFD91A",
"versionEndIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ivanti:endpoint_manager:2024:-:*:*:*:*:*:*",
"matchCriteriaId": "6C7283FE-C10A-4E37-B004-15FB0CAC49A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ivanti:endpoint_manager:2024:su1:*:*:*:*:*:*",
"matchCriteriaId": "FC51EEA2-1C4C-4069-9704-7ACFE4773930",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ivanti:endpoint_manager:2024:su2:*:*:*:*:*:*",
"matchCriteriaId": "E1EF5E1B-9377-49D3-9BE3-62FC78E666A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ivanti:endpoint_manager:2024:su3:*:*:*:*:*:*",
"matchCriteriaId": "749AADDA-834D-4EC0-B7FF-E136FD1984F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ivanti:endpoint_manager:2024:su3_security_release_1:*:*:*:*:*:*",
"matchCriteriaId": "698BF7A1-62A1-45B5-BF08-AB3F3AA0245C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ivanti:endpoint_manager:2024:su4:*:*:*:*:*:*",
"matchCriteriaId": "4902A745-E7CB-4FC9-9BCB-89EFAB643237",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ivanti:endpoint_manager:2024:su4_security_release_1:*:*:*:*:*:*",
"matchCriteriaId": "9DF8F788-0384-4E6B-844E-35ED79CA1F17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ivanti:endpoint_manager:2024:su5:*:*:*:*:*:*",
"matchCriteriaId": "BABFF9B3-92CE-4086-BE93-9A884F1210D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]