CVE-2023-46806

CVE Database · CVE-2023-46806

CVE-2023-46806

· N/AAnalyzed

CVSS v3.1

N/A

EPSS

0.97%

Published

May 22, 2024

Modified

Jun 13, 2025

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

An SQL Injection vulnerability in a web component of EPMM versions before 12.1.0.0 allows an authenticated user with appropriate privilege to access or modify data in the underlying database.

Weaknesses (CWE)

CWE-89

Affected Products (1)

ivanti · endpoint_manager_mobile (up to 12.1.0.0)vulnerable

References (2)

https://forums.ivanti.com/s/article/Security-Advisory-EPMM-May-2024?language=en_US

Vendor Advisory

https://forums.ivanti.com/s/article/Security-Advisory-EPMM-May-2024?language=en_US

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs