/

CVE-2023-39336 Report - Details, Severity, & Advisorie...

CVE-2023-39336 Report - Details, Severity, & Advisories

Twingate Team

Jul 12, 2024

What is CVE-2023-39336?

CVE-2023-39336 is a critical vulnerability affecting Ivanti Endpoint Manager versions released prior to 2022 SU 5. This unspecified SQL Injection vulnerability allows attackers with access to the internal network to execute arbitrary SQL queries and retrieve output without authentication. In certain cases, this may lead to remote code execution on the core server. Systems running Ivanti Endpoint Manager and instances of MSSQL are at risk, as well as core servers configured to use Microsoft SQL Express.

Who is impacted by CVE-2023-39336?

The CVE-2023-39336 vulnerability affects users of Ivanti Endpoint Manager, specifically those using versions released prior to 2022 SU 5. This includes versions up to 2022 (excluding SU 5), 2022 SU 1, 2022 SU 2, 2022 SU 3, and 2022 SU 4. If you're using any of these versions, your system may be at risk.

What to do if CVE-2023-39336 affected you

If you're affected by the CVE-2023-39336 vulnerability, it's crucial to take action to protect your system. To mitigate the risk, follow these steps:

  1. Update to the latest version of Ivanti Endpoint Manager (2022 SU5).

  2. Subscribe to Ivanti Security Advisories for updates and alerts.

  3. Stay informed about Ivanti EPM-related news and discussions by subscribing to notifications from the EPM Forums.

Is this in CISA’s Known Exploited Vulnerabilities Catalog?

The CVE-2023-39336 vulnerability is not listed in CISA's Known Exploited Vulnerabilities Catalog. This critical vulnerability affects Ivanti Endpoint Manager versions prior to 2022 SU 5 and allows attackers to execute SQL queries without authentication, potentially leading to remote code execution.

Weakness Enumeration

The weakness enumeration for this vulnerability is categorized as CWE-89, which involves improper neutralization of special elements in SQL commands, potentially leading to SQL injection attacks.

Learn More

For a comprehensive understanding of this vulnerability, consult the NVD page and the sources listed below.

Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.

/

CVE-2023-39336 Report - Details, Severity, & Advisorie...

CVE-2023-39336 Report - Details, Severity, & Advisories

Twingate Team

Jul 12, 2024

What is CVE-2023-39336?

CVE-2023-39336 is a critical vulnerability affecting Ivanti Endpoint Manager versions released prior to 2022 SU 5. This unspecified SQL Injection vulnerability allows attackers with access to the internal network to execute arbitrary SQL queries and retrieve output without authentication. In certain cases, this may lead to remote code execution on the core server. Systems running Ivanti Endpoint Manager and instances of MSSQL are at risk, as well as core servers configured to use Microsoft SQL Express.

Who is impacted by CVE-2023-39336?

The CVE-2023-39336 vulnerability affects users of Ivanti Endpoint Manager, specifically those using versions released prior to 2022 SU 5. This includes versions up to 2022 (excluding SU 5), 2022 SU 1, 2022 SU 2, 2022 SU 3, and 2022 SU 4. If you're using any of these versions, your system may be at risk.

What to do if CVE-2023-39336 affected you

If you're affected by the CVE-2023-39336 vulnerability, it's crucial to take action to protect your system. To mitigate the risk, follow these steps:

  1. Update to the latest version of Ivanti Endpoint Manager (2022 SU5).

  2. Subscribe to Ivanti Security Advisories for updates and alerts.

  3. Stay informed about Ivanti EPM-related news and discussions by subscribing to notifications from the EPM Forums.

Is this in CISA’s Known Exploited Vulnerabilities Catalog?

The CVE-2023-39336 vulnerability is not listed in CISA's Known Exploited Vulnerabilities Catalog. This critical vulnerability affects Ivanti Endpoint Manager versions prior to 2022 SU 5 and allows attackers to execute SQL queries without authentication, potentially leading to remote code execution.

Weakness Enumeration

The weakness enumeration for this vulnerability is categorized as CWE-89, which involves improper neutralization of special elements in SQL commands, potentially leading to SQL injection attacks.

Learn More

For a comprehensive understanding of this vulnerability, consult the NVD page and the sources listed below.

Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.

CVE-2023-39336 Report - Details, Severity, & Advisories

Twingate Team

Jul 12, 2024

What is CVE-2023-39336?

CVE-2023-39336 is a critical vulnerability affecting Ivanti Endpoint Manager versions released prior to 2022 SU 5. This unspecified SQL Injection vulnerability allows attackers with access to the internal network to execute arbitrary SQL queries and retrieve output without authentication. In certain cases, this may lead to remote code execution on the core server. Systems running Ivanti Endpoint Manager and instances of MSSQL are at risk, as well as core servers configured to use Microsoft SQL Express.

Who is impacted by CVE-2023-39336?

The CVE-2023-39336 vulnerability affects users of Ivanti Endpoint Manager, specifically those using versions released prior to 2022 SU 5. This includes versions up to 2022 (excluding SU 5), 2022 SU 1, 2022 SU 2, 2022 SU 3, and 2022 SU 4. If you're using any of these versions, your system may be at risk.

What to do if CVE-2023-39336 affected you

If you're affected by the CVE-2023-39336 vulnerability, it's crucial to take action to protect your system. To mitigate the risk, follow these steps:

  1. Update to the latest version of Ivanti Endpoint Manager (2022 SU5).

  2. Subscribe to Ivanti Security Advisories for updates and alerts.

  3. Stay informed about Ivanti EPM-related news and discussions by subscribing to notifications from the EPM Forums.

Is this in CISA’s Known Exploited Vulnerabilities Catalog?

The CVE-2023-39336 vulnerability is not listed in CISA's Known Exploited Vulnerabilities Catalog. This critical vulnerability affects Ivanti Endpoint Manager versions prior to 2022 SU 5 and allows attackers to execute SQL queries without authentication, potentially leading to remote code execution.

Weakness Enumeration

The weakness enumeration for this vulnerability is categorized as CWE-89, which involves improper neutralization of special elements in SQL commands, potentially leading to SQL injection attacks.

Learn More

For a comprehensive understanding of this vulnerability, consult the NVD page and the sources listed below.