CVE-2023-35083

6.5MEDIUM

Key Information:

Vendor: Ivanti
Status: Endpoint Manager
Vendor: CVE Published:; 18 October 2023

Summary

Allows an authenticated attacker with network access to read arbitrary files on Endpoint Manager recently discovered on 2022 SU3 and all previous versions potentially leading to the leakage of sensitive information.

Affected Version(s)

Endpoint Manager 2022 su3

References

https://forums.ivanti.com/s/article/SA-2023-06-20-CVE-202...

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 18, 2023
Vulnerability Reserved
Jun 13, 2023

Collectors

NVD DatabaseMitre Database