CVE-2023-35083

Allows an authenticated attacker with network access to read arbitrary files on Endpoint Manager recently discovered on 2022 SU3 and all previous versions potentially leading to the leakage of sensitive information.

Published: Oct 18, 2023
Updated: Oct 26, 2023
CVE: CVE-2023-35083
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.5
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
ivanti / endpoint_manager	2022-su1	2022-su1.x
ivanti / endpoint_manager	-	2022
ivanti / endpoint_manager	2022	2022.x
ivanti / endpoint_manager	2022-su2	2022-su2.x
ivanti / endpoint_manager	2022-su3	2022-su3.x

https://forums.ivanti.com/s/article/SA-2023-06-20-CVE-2023-35083?language=en_US

Vulnerability Database

CVE-2023-35083