Lucene search
This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.IVANTI_ENDPOINT_MANAGER_MOBILE_CVE-2023-35078.NBINHistoryAug 01, 2023 - 12:00 a.m.
Ivanti Endpoint Manager Mobile Remote Unauthenticated API Access (CVE-2023-35078)
2023-08-0100:00:00
This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
16
ivanti endpoint manager
mobile
remote access
unauthenticated
api
cve-2023-35078
binary data
scanner
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.968 High
EPSS
Percentile
99.7%
The version of Ivanti Endpoint Manager Mobile, formerly MobileIron Core, running on the remote host is affected by an undisclosed unauthenticated API access vulnerability.
Binary data ivanti_endpoint_manager_mobile_CVE-2023-35078.nbin| Vendor | Product | Version | CPE |
|---|---|---|---|
| ivanti | mobileiron | cpe:/a:ivanti:mobileiron | |
| mobileiron | core | cpe:/a:mobileiron:core |
Related
prion
prion
Authentication flaw
2023-07-25 07:15:00
Authentication flaw
2023-08-15 16:15:00
githubexploit
githubexploit
Exploit for Improper Authentication in Ivanti Endpoint Manager Mobile
2023-07-31 02:24:24
Exploit for Improper Authentication in Ivanti Endpoint Manager Mobile
2023-08-04 07:08:06
Exploit for Improper Authentication in Ivanti Endpoint Manager Mobile
2024-03-29 14:15:49
attackerkb
attackerkb
CVE-2023-35078
2023-07-25 00:00:00
CVE-2023-35082
2023-08-15 00:00:00
cisa_kev
cisa_kev
Ivanti Endpoint Manager Mobile Authentication Bypass Vulnerability
2023-07-25 00:00:00
Ivanti Endpoint Manager Mobile (EPMM) Path Traversal Vulnerability
2023-07-31 00:00:00
nessus
nessus
malwarebytes
malwarebytes
Patch now! Ivanti Endpoint Manager Mobile Authentication vulnerability used in the wild
2023-07-27 08:15:00
Ivanti patches second zero-day vulnerability being used in attacks
2023-08-02 15:15:00
[updated] Ivanti Sentry critical vulnerabilityβdon't play dice, patch
2023-08-23 16:30:00
nvd
nvd
CVE-2023-35078
2023-07-25 07:15:10
CVE-2023-35082
2023-08-15 16:15:11
nuclei
nuclei
Ivanti Endpoint Manager Mobile (EPMM) - Authentication Bypass
2023-07-28 21:38:50
MobileIron Core - Remote Unauthenticated API Access
2023-08-03 16:20:05
thn
thn
cvelist
cvelist
CVE-2023-35078
2023-07-25 06:08:38
CVE-2023-35082
2023-08-15 15:11:56
cve
cve
CVE-2023-35078
2023-07-25 07:15:10
CVE-2023-35082
2023-08-15 16:15:11
rapid7blog
rapid7blog
CVE-2023-35078: Critical API Access Vulnerability in Ivanti Endpoint Manager Mobile
2023-07-26 16:45:05
Whatβs New in InsightVM and Nexpose: Q3 2023 in Review
2023-09-29 19:42:26
CVE-2023-35082 - MobileIron Core Unauthenticated API Access Vulnerability
2023-08-02 16:05:47
ics
ics
Threat Actors Exploiting Ivanti EPMM Vulnerabilities
2023-08-01 12:00:00
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.968 High
EPSS
Percentile
99.7%
Related for IVANTI_ENDPOINT_MANAGER_MOBILE_CVE-2023-35078.NBIN