A security vulnerability has been identified in EPMM Versions 11.10, 11.9 and 11.8 and older allowing an unauthenticated threat actor to impersonate any existing user during the device enrollment process. This issue poses a significant security risk, as it enables unauthorized access and potential misuse of user accounts and resources.
References
Link | Resource |
---|---|
https://forums.ivanti.com/s/article/CVE-2023-39335?language=en_US | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
29 Aug 2024, 20:35
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-269 |
22 Nov 2023, 15:06
Type | Values Removed | Values Added |
---|---|---|
First Time |
Ivanti endpoint Manager Mobile
Ivanti |
|
CPE | cpe:2.3:a:ivanti:endpoint_manager_mobile:*:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
CWE | NVD-CWE-noinfo | |
References | () https://forums.ivanti.com/s/article/CVE-2023-39335?language=en_US - Vendor Advisory |
15 Nov 2023, 00:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-11-15 00:15
Updated : 2024-08-29 20:35
NVD link : CVE-2023-39335
Mitre link : CVE-2023-39335
CVE.ORG link : CVE-2023-39335
JSON object : View
Products Affected
ivanti
- endpoint_manager_mobile
CWE