virus logo Intrusion Prevention

Ivanti.EPMM.CVE-2023-35082.Authentication.Bypass

description-logoDescription

This indicates an attack attempt to exploit a Authentication Bypass Vulnerability in Ivanti Endpoint Manager Mobile (EPMM).
The vulnerability is due to insufficient authentication check for user requests to the system's API. A remote, unauthenticated attacker could exploit this vulnerability by sending crafted requests to the target server. Successfully exploiting these vulnerabilities could allow an attacker to obtain PII and other sensitive information.

affected-products-logoAffected Products

Ivanti Endpoint Manager Mobile (EPMM) before 11.11

Impact logoImpact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://forums.ivanti.com/s/article/CVE-2023-35082-Remote-Unauthenticated-API-Access-Vulnerability-in-MobileIron-Core-11-2-and-older?language=en_US

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Status Detail
2024-02-26 26.739
Modified
 Default_action:pass:drop
2024-02-14 26.733
New
ID 54596
Created Jan 22, 2024
Updated Feb 29, 2024
CVE ID
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
Known Exploited Yes
Exploit Prediction Score 94.4%
Default Action drop
Active
Affected OS Linux, BSD
Affected App PHP_app
Profile Type Permission/Privilege/Access Control