Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) contains a code injection vulnerability that allows an unauthenticated user to execute malicious code with limited permissions (nobody).
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
CWE-94