exploitDog

CVE-2023-35083

Опубликовано: 18 окт. 2023

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

Allows an authenticated attacker with network access to read arbitrary files on Endpoint Manager recently discovered on 2022 SU3 and all previous versions potentially leading to the leakage of sensitive information.

Ссылки

https://forums.ivanti.com/s/article/SA-2023-06-20-CVE-2023-35083?language=en_US
Vendor Advisory
https://forums.ivanti.com/s/article/SA-2023-06-20-CVE-2023-35083?language=en_US
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ivanti:endpoint_manager:*:*:*:*:*:*:*:*

Версия до 2022 (исключая)

cpe:2.3:a:ivanti:endpoint_manager:2022:-:*:*:*:*:*:*

cpe:2.3:a:ivanti:endpoint_manager:2022:su1:*:*:*:*:*:*

cpe:2.3:a:ivanti:endpoint_manager:2022:su2:*:*:*:*:*:*

cpe:2.3:a:ivanti:endpoint_manager:2022:su3:*:*:*:*:*:*

EPSS

Процентиль: 78%

0.01167

Низкий

6.5 Medium

CVSS3

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-8p63-mwfp-hjrv

CVSS3: 6.5

github

больше 2 лет назад

Allows an authenticated attacker with network access to read arbitrary files on Endpoint Manager recently discovered on 2022 SU3 and all previous versions potentially leading to the leakage of sensitive information.

EPSS

Процентиль: 78%

0.01167

Низкий

6.5 Medium

CVSS3

Дефекты

NVD-CWE-noinfo