vulnerability
Ivanti EPMM/MobileIron Core: CVE-2023-35078: Authentication Bypass Vulnerability
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
10 | (AV:N/AC:L/Au:N/C:C/I:C/A:C) | Jul 25, 2023 | Jul 26, 2023 | Jul 16, 2024 |
Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
Jul 25, 2023
Added
Jul 26, 2023
Modified
Jul 16, 2024
Description
Ivanti Endpoint Manager Mobile (EPMM), formerly MobileIron Core, through 11.10 allows remote attackers to obtain PII, add an administrative account, and change the configuration because of an authentication bypass, as exploited in the wild in July 2023. A patch is available.
Solution
ivantiepmm-cve-2023-35078

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.