vulnerability

Ivanti EPMM/MobileIron Core: CVE-2023-35078: Authentication Bypass Vulnerability

Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
Jul 25, 2023
Added
Jul 26, 2023
Modified
Jul 16, 2024

Description


Ivanti Endpoint Manager Mobile (EPMM), formerly MobileIron Core, through 11.10 allows remote attackers to obtain PII, add an administrative account, and change the configuration because of an authentication bypass, as exploited in the wild in July 2023. A patch is available.

Solution

ivantiepmm-cve-2023-35078
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.