Information Disclosure Vulnerability in Ivanti Endpoint Manager through 2020.1.1

Information Disclosure Vulnerability in Ivanti Endpoint Manager through 2020.1.1

CVE-2020-13772 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

In /ldclient/ldprov.cgi in Ivanti Endpoint Manager through 2020.1.1, an attacker is able to disclose information about the server operating system, local pathnames, and environment variables with no authentication required.

Learn more about our Cis Benchmark Audit For Server Software.