CVE-2020-13772
N/A
N/A
Summary
In /ldclient/ldprov.cgi in Ivanti Endpoint Manager through 2020.1.1, an attacker is able to disclose information about the server operating system, local pathnames, and environment variables with no authentication required.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://forums.ivanti.com/s/
- https://labs.jumpsec.com/cve-2020-13772-ivanti-uem-system-information-disclosure/
References
- https://forums.ivanti.com/s/
- https://labs.jumpsec.com/cve-2020-13772-ivanti-uem-system-information-disclosure/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.