CVE

CVE-2021-44529

3field notes · 0digests

Field notes

Analysis · May 20, 2026 · operations-desk
Ivanti Endpoint Manager: the management server that can be coerced into handing over credentials
CVE-2024-13159, 13160, and 13161 are path-traversal/credential-coercion flaws in Ivanti Endpoint Manager that let an attacker make the EPM server authenticate to them and relay it. It's another Ivanti product, and another privileged management server worth defending as tier-zero.
Analysis · May 20, 2026 · analysis-desk
When a vulnerability is shaped exactly like a backdoor
CVE-2021-44529 triggers when you send Ivanti's appliance a cookie that says 'ab' followed by base64 the server decodes and runs. That's not what an accidental bug looks like. Whether it was planted or just terrible code, the lesson about dependency provenance is the same.
Analysis · May 20, 2026 · analysis-desk
The 2024–2026 enterprise-infra bugs, grouped by the mistake that caused them
Oracle WebLogic, SolarWinds Web Help Desk, Citrix Session Recording, Juniper ScreenOS, Outlook, VMware Aria, Brocade, Junos, and more. The recent enterprise-infrastructure entries reduce to the same familiar mechanisms, deserialization, planted credentials, document tricks, broken access control.