Path Traversal Vulnerability in Ivanti Endpoint Manager
CVE-2024-10811
What is CVE-2024-10811?
CVE-2024-10811 is a vulnerability identified in Ivanti Endpoint Manager (EPM), a software solution designed to help organizations manage and secure their endpoints. This particular vulnerability involves an absolute path traversal issue that can be exploited by remote, unauthenticated attackers. If successfully exploited, it allows the attackers to leak sensitive information from affected systems. This can result in significant data exposure risks, undermining the confidentiality and integrity of organizational data and leading to potential compliance violations.
Technical Details
The vulnerability exists in Ivanti Endpoint Manager versions prior to the January 2025 Security Update (for EPM 2024) and prior to the January 2025 Security Update for EPM 2022 SU6. The flaw is an absolute path traversal: the server accepts a client-supplied file path and uses it without confining it to the intended directory, so an attacker can name an arbitrary file on the server rather than one under the expected location. Files that should remain protected can therefore be retrieved without authentication, which makes applying the fixed update a priority for organizations running the software.
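The following is an added illustration of the bug class the advisory names, not code from Ivanti Endpoint Manager or from the advisory. It contrasts the vulnerable pattern (joining a trusted base directory with an untrusted path, which silently discards the base when the untrusted part is absolute; os.path.join, pathlib and .NET's Path.Combine all behave this way) with a hardened resolver that accepts only relative paths confined to the base. Windows path semantics are modelled with pathlib's PureWindowsPath so the check runs offline on any OS; the base directory, file names and request strings are constructed sample values, not values from the product.

```python
from pathlib import PureWindowsPath

# Constructed example values (not from the advisory): the directory the
# service is meant to serve files from, and two client-supplied paths.
BASE_DIR = r"C:\inetpub\wwwroot"
INTENDED_REQUEST = r"images\logo.png"
ESCAPING_REQUEST = r"C:\secrets\config.ini"   # absolute path outside BASE_DIR


def vulnerable_resolve(base: str, user_path: str) -> str:
    """The bug class: join a trusted base with an untrusted path segment.

    When 'user_path' is absolute, the join discards 'base' entirely and the
    caller ends up opening whatever file the request named.
    """
    return str(PureWindowsPath(base) / user_path)


def safe_resolve(base: str, user_path: str) -> str:
    """Hardened version: accept only a relative path that stays under base.

    The check is purely lexical so it runs offline; a real file server should
    also resolve the final path on disk and re-check containment, because
    junctions and symlinks can still point outside the base directory.
    """
    candidate = PureWindowsPath(user_path)
    # Reject anything carrying a drive ('C:x'), a root ('\x'), or both
    # ('C:\x', '\\server\share\x'): each of these overrides the base on join.
    if candidate.drive or candidate.root or candidate.is_absolute():
        raise ValueError("absolute or rooted paths are not allowed")

    # Normalise '.' and '..' components; popping past the base means the
    # request tried to climb out of the allowed directory.
    parts = []
    for part in candidate.parts:
        if part in ("", "."):
            continue
        if part == "..":
            if not parts:
                raise ValueError("path escapes the base directory")
            parts.pop()
            continue
        parts.append(part)
    if not parts:
        raise ValueError("empty path")

    base_path = PureWindowsPath(base)
    resolved = base_path.joinpath(*parts)
    # Belt-and-braces containment check on the final result.
    if base_path not in resolved.parents:
        raise ValueError("path escapes the base directory")
    return str(resolved)


def is_safe_path(base: str, user_path: str) -> bool:
    """Boolean wrapper convenient for request validation."""
    try:
        safe_resolve(base, user_path)
    except ValueError:
        return False
    return True


if __name__ == "__main__":
    print("vulnerable join:", vulnerable_resolve(BASE_DIR, ESCAPING_REQUEST))
    print("safe resolve   :", safe_resolve(BASE_DIR, INTENDED_REQUEST))
    for req in (ESCAPING_REQUEST, r"..\..\outside.txt", r"\secrets\x", "C:x"):
        print(f"accepted {req!r}? {is_safe_path(BASE_DIR, req)}")
```

The rejection of drive-only and root-only forms matters on Windows: `C:x` and `\x` are not absolute in the strict sense, yet both replace part of the base when joined, so a check that only tests `is_absolute()` is insufficient.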
Potential impact of CVE-2024-10811
- Data Leakage: Attackers could access and exfiltrate sensitive information, including user data and proprietary information, which may lead to data breaches and significant reputational damage.
- Compliance Violations: The unauthorized access to sensitive information can result in violations of data protection regulations, such as GDPR or HIPAA, potentially leading to hefty fines and legal repercussions.
- Increased Attack Surface: The exploitation of this vulnerability could serve as an entry point for further attacks, allowing adversaries to gather intelligence on the network and devise more complex attacks, including ransomware deployment or other malicious activities.
Affected Version(s)
Endpoint Manager 2024 January-2025 Security Update
Endpoint Manager 2022 SU6 January-2025 Security Update