Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-35083

Allows an authenticated attacker with network access to read arbitrary files on Endpoint Manager recently discovered on 2022 SU3 and all previous versions potentially leading to the leakage of sensitive information.

Published

2023-10-18T04:15:10.900

Last Modified

2024-11-21T08:07:56.550

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.5 (MEDIUM)

Weaknesses

Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	ivanti	endpoint_manager	< 2022	Yes
Application	ivanti	endpoint_manager	2022	Yes
Application	ivanti	endpoint_manager	2022	Yes
Application	ivanti	endpoint_manager	2022	Yes
Application	ivanti	endpoint_manager	2022	Yes

References

https://forums.ivanti.com/s/article/SA-2023-06-20-CVE-2023-35083?language=en_US Vendor Advisory ([email protected])
https://forums.ivanti.com/s/article/SA-2023-06-20-CVE-2023-35083?language=en_US Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)