□ 개요 o 영향받는 버전을 사용 중인 시스템 사용자는 해결 방안에 따라 최신 버전으로 업데이트 권고 o Ivanti의 Ivanti Endpoint Manager에서 발생하는 XML 외부 엔티티(XXE) 취약점(CVE-2024-37397) [1][3] o Ivanti의 Ivanti Endpoint Manager에서 발생하는 SQL Injection 취약점(CVE-2024-8191등 10건) [1][4][5][6][7][8][9][10][11][12][13] o Ivanti의 Ivanti Endpoint Manager에서 발생하는 네트워크 격리 인증 취약점(CVE-2024-8320, CVE-2024-8321) [14][15] o Ivanti의 Ivanti Endpoint Manager에서 발생하는 패치 관리의 취약한 인증 취약점(CVE-2024-8322) [1][16] o Ivanti의 Ivanti Endpoint Manager에서 발생하는 통제되지 않는 검색 경로 요소 취약점(CVE-2024-8441) [1][17]
※ 하단의 참고사이트를 확인하여 업데이트 수행 [1]
[1] https://forums.ivanti.com/s/article/Security-Advisory-EPM-September-2024-for-EPM-2024-and-EPM-2022?language=en_US [2] https://nvd.nist.gov/vuln/detail/CVE-2024-29847 [3] https://nvd.nist.gov/vuln/detail/CVE-2024-37397 [4] https://nvd.nist.gov/vuln/detail/CVE-2024-8191 [5] https://nvd.nist.gov/vuln/detail/CVE-2024-32840 [6] https://nvd.nist.gov/vuln/detail/CVE-2024-32842 [7] https://nvd.nist.gov/vuln/detail/CVE-2024-32843 [8] https://nvd.nist.gov/vuln/detail/CVE-2024-32845 [9] https://nvd.nist.gov/vuln/detail/CVE-2024-32846 [10] https://nvd.nist.gov/vuln/detail/CVE-2024-32848 [11] https://nvd.nist.gov/vuln/detail/CVE-2024-34779 [12] https://nvd.nist.gov/vuln/detail/CVE-2024-34783 [13] https://nvd.nist.gov/vuln/detail/CVE-2024-34785 [14] https://nvd.nist.gov/vuln/detail/CVE-2024-8320 [15] https://nvd.nist.gov/vuln/detail/CVE-2024-8321 [16] https://nvd.nist.gov/vuln/detail/CVE-2024-8322 [17] https://nvd.nist.gov/vuln/detail/CVE-2024-8441 □ 문의사항 |