CERTFR-2023-AVI-0604
Vulnerability from certfr_avis

Une vulnérabilité a été découverte dans Ivanti Endpoint Manager Mobile et Endpoint Manager. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance et une atteinte à l'intégrité des données.

Ivanti indique que la vulnérabilité CVE-2023-35081 est activement exploitée dans le cadre d'attaques ciblées, tout comme la vulnérabilité CVE-2023-35078.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

  • Ivanti Endpoint Manager Mobile (EPMM), anciennement MobileIron Core, versions 11.10, 11.9 et 11.8 sans le dernier correctif de sécurité

Les anciennes versions sont également affectées, mais n'étant plus supportées, ne recevront pas de correctif de sécurité.

Impacted products
Vendor Product Description
References

Show details on source website

To clipboard 

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cul\u003e \u003cli\u003e\u003cspan class=\"test-id__field-value slds-form-element__static slds-grow slds-form-element_separator is-read-only iv-cad-fld\" data-aura-rendered-by=\"36:307;a\"\u003eIvanti Endpoint Manager Mobile (EPMM), \u003cspan data-aura-rendered-by=\"15:306;a\"\u003eanciennement\u003c/span\u003e MobileIron Core, versions 11.10, 11.9 et 11.8 sans le dernier correctif de s\u00e9curit\u00e9\u003cbr /\u003e \u003c/span\u003e\u003c/li\u003e \u003c/ul\u003e \u003cp\u003eLes anciennes versions sont \u00e9galement affect\u00e9es, mais n\u0027\u00e9tant plus support\u00e9es, ne recevront pas de correctif de s\u00e9curit\u00e9.\u003c/p\u003e ",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2023-35078",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-35078"
    },
    {
      "name": "CVE-2023-35081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-35081"
    }
  ],
  "initial_release_date": "2023-07-31T00:00:00",
  "last_revision_date": "2023-07-31T00:00:00",
  "links": [],
  "reference": "CERTFR-2023-AVI-0604",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2023-07-31T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Ivanti Endpoint Manager Mobile\net Endpoint Manager. Elle permet \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9\ndes donn\u00e9es.\n\nIvanti indique que la vuln\u00e9rabilit\u00e9 \u003cspan\nclass=\"test-id__field-value slds-form-element__static slds-grow is-read-only iv-cad-fld iv-cad-fldtitle\"\naura-rendered-by=\"96:266;a\"\u003e\u003cspan class=\"uiOutputText\"\naura-rendered-by=\"99:266;a\" aura-class=\"uiOutputText\"\u003eCVE-2023-35081 est\nactivement exploit\u00e9e dans le cadre d\u0027attaques cibl\u00e9es, tout comme la\nvuln\u00e9rabilit\u00e9 \u003cspan\nclass=\"test-id__field-value slds-form-element__static slds-grow slds-form-element_separator is-read-only iv-cad-fld\"\naura-rendered-by=\"36:307;a\"\u003eCVE-2023-35078\u003c/span\u003e.\u003c/span\u003e\u003c/span\u003e\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Ivanti Endpoint Manager Mobile",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ivanti CVE-2023-35081 du 28 juillet 2023",
      "url": "https://forums.ivanti.com/s/article/CVE-2023-35081-Arbitrary-File-Write?language=en_US"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.