- How many CVEs does ivanti have?
- ivanti has 502 published CVE records since 2016, including 131 in the last two years.
- How many ivanti CVEs are in CISA KEV?
- Yes — 35 of ivanti's CVEs are listed in CISA's Known Exploited Vulnerabilities catalog, confirmed exploited in the wild and carrying a CISA remediation deadline.
- Which ivanti products have the most CVEs?
- The ivanti products with the most published CVEs are Connect Secure, Avalanche, Endpoint Manager, Policy Secure, EPM.
- What are the most common weakness types in ivanti CVEs?
- ivanti's CVEs most often map to these CWE weakness types: CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')), CWE-22 (Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')), CWE-78 (Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')), CWE-434 (Unrestricted Upload of File with Dangerous Type).
- Are there public exploits for ivanti vulnerabilities?
- Yes — 56 of ivanti's CVEs have a known public exploit.
- How many critical ivanti vulnerabilities are there?
- ivanti has 115 critical and 282 high-severity CVEs.
- What is the average severity of ivanti CVEs?
- The average CVSS base score across ivanti's scored CVEs is 7.8.