claytonvantol.us
SESSION: secure TLS: 1.3 PID: 1337

clayton@site:~/news$ cat cve-2023-35081-ivanti-endpoint-manager-mobile-epmm.log

CVE-2023-35081 — Ivanti Endpoint Manager Mobile (EPMM) Path Traversal Vulnerability

2023-07-31 • CISA Known Exploited Vulnerability

[event] Ivanti Endpoint Manager Mobile (EPMM) contains a path traversal vulnerability that enables an authenticated administrator to perform malicious file writes to the EPMM server. This vulnerability can be used in conjunction with CVE-2023-35078 to bypass authentication and ACLs restrictions (if applicable).

> AFFECTED SOFTWARE

Field Value
Vendor Ivanti
Product Endpoint Manager Mobile (EPMM)
CWE CWE-22
CVE ID CVE-2023-35081
Date Added 2023-07-31
Due Date 2023-08-21
Ransomware Campaign Unknown

> MITIGATION

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Due Date: 2023-08-21

> REFERENCES

← back to terminal

UPTIME: 1337d v2.0.1 privacy LAST LOGIN: 2026-05-30 20:36:10 UTC