An authentication bypass vulnerability in Ivanti EPMM 11.10 and older, allows unauthorized users to access restricted functionality or resources of the application without proper authentication. This vulnerability is unique to CVE-2023-35078 announced earlier.
References
Configurations
History
21 Nov 2024, 08:07
Type | Values Removed | Values Added |
---|---|---|
References | () https://forums.ivanti.com/s/article/CVE-2023-35082-Remote-Unauthenticated-API-Access-Vulnerability-in-MobileIron-Core-11-2-and-older?language=en_US - Vendor Advisory |
22 Aug 2023, 02:16
Type | Values Removed | Values Added |
---|---|---|
First Time |
Ivanti
Ivanti endpoint Manager Mobile |
|
References | (MISC) https://forums.ivanti.com/s/article/CVE-2023-35082-Remote-Unauthenticated-API-Access-Vulnerability-in-MobileIron-Core-11-2-and-older?language=en_US - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
CWE | CWE-287 | |
CPE | cpe:2.3:a:ivanti:endpoint_manager_mobile:*:*:*:*:*:*:*:* |
15 Aug 2023, 17:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-08-15 16:15
Updated : 2024-11-21 08:07
NVD link : CVE-2023-35082
Mitre link : CVE-2023-35082
CVE.ORG link : CVE-2023-35082
JSON object : View
Products Affected
ivanti
- endpoint_manager_mobile
CWE
CWE-287
Improper Authentication