CVE-2022-35259

Summary

XML Injection with Endpoint Manager 2022. 3 and below causing a download of a malicious file to run and possibly execute to gain unauthorized privileges.

Affected Software

VendorProductVersion RangeStatus
n/aIvanti Endpoint Manager2022.3 and belowaffected

Weaknesses

  • CWE-91: XML Injection (CWE-91)

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References