CVE-2023-35082

Description

An authentication bypass vulnerability in Ivanti EPMM 11.10 and older, allows unauthorized users to access restricted functionality or resources of the application without proper authentication. This vulnerability is unique to CVE-2023-35078 announced earlier.

NVD
Severity: CRITICAL
CVE ID: CVE-2023-35082
CVSS Score: 9.8
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

HackerOne
Severity: CRITICAL
CVE ID: CVE-2023-35082
CVSS Score: 10.0
CVSS Metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Refrence: NVD MITRE

Proof Of Concept

Nuclei Templates for CVE-2023-35082

Refrence: Project Discovery GitHub

Chocapikk

Remote Unauthenticated API Access Vulnerability in MobileIron Core 11.2 and older

Refrence: GitHub

Description​

Proof Of Concept​

Description

Proof Of Concept