CVE-2023-35081: Ivanti Endpoint Manager Mobile (EPMM) Path Traversal Vulnerability
First published: Mon Jul 31 2023(Updated: )
Ivanti Endpoint Manager Mobile (EPMM) contains a path traversal vulnerability that enables an authenticated administrator to perform malicious file writes to the EPMM server. This vulnerability can be used in conjunction with CVE-2023-35078 to bypass authentication and ACLs restrictions (if applicable).
Credit: support@hackerone.com support@hackerone.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ivanti Endpoint Manager Mobile | >=11.8.0<11.8.1.2 | |
| Ivanti Endpoint Manager Mobile | >=11.9.0<11.9.1.2 | |
| Ivanti Endpoint Manager Mobile | >=11.10.0<11.10.0.3 | |
| Ivanti Endpoint Manager Mobile (EPMM) | ||
| Ivanti Endpoint Manager Mobile | =11.10 | |
| Ivanti Endpoint Manager Mobile | =11.9 | |
| Ivanti Endpoint Manager Mobile | =11.8 | |
| MobileIron Core | =11.7 and below |
Remedy
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://forums.ivanti.com/s/article/CVE-2023-35081-Arbitrary-File-Write?language=en_US
- https://www.bleepingcomputer.com/news/security/cisa-critical-ivanti-auth-bypass-bug-now-actively-exploited/
- https://www.bleepingcomputer.com/news/security/ivanti-connect-secure-zero-days-now-under-mass-exploitation/
- https://www.bleepingcomputer.com/news/security/ivanti-warns-of-critical-flaws-in-its-avalanche-mdm-solution/
Peer vulnerabilities
(Found alongside the following vulnerabilities)
Frequently Asked Questions
What is the CVE ID of this vulnerability?
The CVE ID of this vulnerability is CVE-2023-35081.
What is the severity of CVE-2023-35081?
The severity of CVE-2023-35081 is high with a CVSS score of 7.2.
What is the affected software for CVE-2023-35081?
The affected software for CVE-2023-35081 is Ivanti Endpoint Manager Mobile (EPMM) versions 11.8.0 to 11.10.0.3.
What is the vulnerability description of CVE-2023-35081?
CVE-2023-35081 is a path traversal vulnerability in Ivanti Endpoint Manager Mobile (EPMM) that allows an authenticated administrator to perform malicious file writes to the EPMM server.
Is there any additional reference for CVE-2023-35081?
Yes, you can find more information about CVE-2023-35081 at the following link: [Ivanti Forum](https://forums.ivanti.com/s/article/CVE-2023-35081-Arbitrary-File-Write?language=en_US)
- collector/nvd-latest
- collector/nvd-api
- collector/nvd-index
- agent/author
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- agent/description
- agent/remedy
- agent/title
- agent/weakness
- agent/severity
- exploited/true
- collector/cisa-known-exploited
- source/CISA
- agent/software-canonical-lookup
- collector/bleeping-computer
- source/BleepingComputer
- alias/CVE-2023-35082
- alias/CVE-2023-46805
- alias/CVE-2024-21887
- alias/CVE-2021-22893
- alias/CVE-2023-35078
- alias/CVE-2023-35081
- alias/CVE-2023-38035
- agent/references
- agent/event
- agent/news-ai
- agent/softwarecombine
- agent/tags
- alias/CVE-2024-24996
- alias/CVE-2024-29204
- alias/CVE-2023-32560
- vendor/ivanti
- canonical/ivanti endpoint manager mobile
- version/ivanti endpoint manager mobile/11.8.0
- version/ivanti endpoint manager mobile/11.9.0
- version/ivanti endpoint manager mobile/11.10.0
- canonical/ivanti endpoint manager mobile (epmm)
- version/ivanti endpoint manager mobile/11.10
- version/ivanti endpoint manager mobile/11.9
- version/ivanti endpoint manager mobile/11.8
- vendor/mobileiron
- canonical/mobileiron core
- version/mobileiron core/11.7 and below