CVE-2022-35259

CVE-2022-35259

Vendor N/A
Product Ivanti Endpoint Manager
Weakness CWE-91 · XML injection
Published December 5, 2022
Last update April 24, 2025

CVSS base score

What the vulnerability does

01Description

XML Injection with Endpoint Manager 2022. 3 and below causing a download of a malicious file to run and possibly execute to gain unauthorized privileges.

Key dates

02Disclosure timeline

December 5, 2022 CVE published
April 24, 2025 Record updated