An authentication bypass vulnerability in Ivanti EPMM allows unauthorized users to access restricted functionality or resources of the application without proper authentication.
References
Link | Resource |
---|---|
https://forums.ivanti.com/s/article/CVE-2023-35078-Remote-unauthenticated-API-access-vulnerability | Vendor Advisory |
https://forums.ivanti.com/s/article/KB-Remote-unauthenticated-API-access-vulnerability-CVE-2023-35078 | Patch Vendor Advisory |
https://www.cisa.gov/news-events/alerts/2023/07/24/ivanti-releases-security-updates-endpoint-manager-mobile-epmm-cve-2023-35078 | Third Party Advisory US Government Resource |
https://www.ivanti.com/blog/cve-2023-35078-new-ivanti-epmm-vulnerability | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: hackerone
Published: 2023-07-25T06:08:38.441Z
Updated: 2023-11-28T19:30:31.171Z
Reserved: 2023-06-13T01:00:11.783Z
Link: CVE-2023-35078
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-07-25T07:15:10.897
Modified: 2024-06-27T18:52:14.877
Link: CVE-2023-35078
JSON object: View
Redhat Information
No data.
CWE