Description
Ivanti Endpoint Manager Mobile (EPMM), formerly known as MobileIron Core, is vulnerable to API Authentication bypass vulnerability. An attacker could exploit this vulnerability to access users' personally identifiable information and make changes to the server.
Remediation
Upgrade to the latest version of Ivanti EPMM
References
CVE-2023-35078 - Remote Unauthenticated API Access Vulnerability
CVE-2023-35082 - Remote Unauthenticated API Access Vulnerability
CVE-2023-35082 - MobileIron Core Unauthenticated API Access Vulnerability
Related Vulnerabilities
MySQL Other Vulnerability (CVE-2000-0981)
Oracle JRE CVE-2012-5068 Vulnerability (CVE-2012-5068)
Craft CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-27903)
WebLogic CVE-2023-21842 Vulnerability (CVE-2023-21842)
phpBB Improper Input Validation Vulnerability (CVE-2006-2220)