CVE-2023-35082
Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core Authentication Bypass Vulnerability
CVSS
—
Sin CVSS
EPSS
100.0%
p100
KEV
SÍ
18 ene 2024
Exploit Today
80
0-100
Publicado: — · Última mod.: —
Producto
Ivanti / Endpoint Manager Mobile (EPMM) and MobileIron Core
Vulnerabilidad
Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core Authentication Bypass Vulnerability
Añadido a KEV
18 ene 2024
Remediar antes de
8 feb 2024
Uso conocido en ransomware
Sí
Descripción resumida
Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core contain an authentication bypass vulnerability that allows unauthorized users to access restricted functionality or resources of the application.
Acción requerida
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Notas
https://forums.ivanti.com/s/article/CVE-2023-35082-Remote-Unauthenticated-API-Access-Vulnerability-in-MobileIron-Core-11-2-and-older; https://nvd.nist.gov/vuln/detail/CVE-2023-35082
Sin CVEs relacionados por CWE o producto.