CVE-2021-44529
Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) Code Injection Vulnerability
⚠ KEVEPSS 94.5%
Description
Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) contains a code injection vulnerability that allows an unauthenticated user to execute malicious code with limited permissions (nobody).
How to fix CVE-2021-44529
No package mapping is available — consult the references below for vendor-specific guidance.
Is CVE-2021-44529 being exploited?
Yes — CVE-2021-44529 is on the CISA Known Exploited Vulnerabilities (KEV) catalog. Patch immediately.
Affected packages (0)
No package mapping in OSV.