Lucene search
PRIOn knowledge basePRION:CVE-2023-28323HistoryJul 01, 2023 - 12:15 a.m.
Deserialization of untrusted data
2023-07-0100:15:00
PRIOn knowledge base
www.prio-n.com
1
deserialization
elevation of rights
epm 2022 su3
operating system vulnerabilities
network attack
A deserialization of untrusted data exists in EPM 2022 Su3 and all prior versions that allows an unauthenticated user to elevate rights. This exploit could potentially be used in conjunction with other OS (Operating System) vulnerabilities to escalate privileges on the machine or be used as a stepping stone to get to other network attached machines.
| CPE | Name | Operator | Version |
|---|---|---|---|
| endpoint_manager | eq | 2022 su1 | |
| endpoint_manager | lt | 2022 | |
| endpoint_manager | eq | 2022 | |
| endpoint_manager | eq | 2022 su2 | |
| endpoint_manager | eq | 2022 su3 |
Related
cve
cve
CVE-2023-28323
2023-07-01 00:15:10
zdi
zdi
cvelist
cvelist
CVE-2023-28323
2023-06-30 23:40:30
nvd
nvd
CVE-2023-28323
2023-07-01 00:15:10
nessus
nessus
Ivanti Endpoint Manager < 2022 SU4 Privilege Escalation (SA-2023-06-20)
2024-06-21 00:00:00