CVE-2023-35081CISA KEV: Actively Exploited

Ivanti Endpoint Manager Mobile (EPMM) Path Traversal Vulnerability

Published Jul 31, 2023·Updated Jul 31, 2023

Description

Ivanti Endpoint Manager Mobile (EPMM) contains a path traversal vulnerability that enables an authenticated administrator to perform malicious file writes to the EPMM server. This vulnerability can be used in conjunction with CVE-2023-35078 to bypass authentication and ACLs restrictions (if applicable).

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free