CVE-2024-13159 — Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability

Description

Ivanti Endpoint Manager (EPM) contains an absolute path traversal vulnerability that allows a remote unauthenticated attacker to leak sensitive information.

How to fix CVE-2024-13159

No package mapping is available — consult the references below for vendor-specific guidance.

Is CVE-2024-13159 being exploited?

Yes — CVE-2024-13159 is on the CISA Known Exploited Vulnerabilities (KEV) catalog. Patch immediately.

Affected packages (0)

No package mapping in OSV.