CVE-2023-46807

medium

Description

An SQL Injection vulnerability in web component of EPMM before 12.1.0.0 allows an authenticated user with appropriate privilege to access or modify data in the underlying database.

References

https://forums.ivanti.com/s/article/Security-Advisory-EPMM-May-2024?language=en_US

Details

Source: Mitre, NVD

Published: 2024-05-22

Updated: 2025-06-13

Risk Information

CVSS v2

Base Score: 6.5

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 6.7

Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L