CVE-2023-35081

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published Aug 3, 2023

Updated: Aug 8, 2023

CWE ID 22

Summary

CVE-2023-35081 is a path traversal vulnerability affecting Ivanti Endpoint Manager (EPMM) versions prior to 11.10.0.3, 11.9.1.2, and 11.8.1.2. An authenticated administrator can exploit this issue to write arbitrary files onto the Ivanti EPMM appliance, potentially leading to unauthorized access or data breaches. This vulnerability poses a significant risk to organizations using these affected versions and necessitates immediate patching.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Ivanti Endpoint Manager Mobile

Affected Vendors

MobileIron

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/rzlEpt
https://www.cve.org/CVERecord?id=CVE-2023-35081
https://nvd.nist.gov/vuln/detail/CVE-2023-35081

Back to Vulnerability Database