CVE-2023-35081: Ivanti Endpoint Manager Mobile (EPMM) Path Traversal

Ivanti Endpoint Manager Mobile (EPMM) Path Traversal Vulnerability. Ivanti Endpoint Manager Mobile (EPMM) contains a path traversal vulnerability that enables an authenticated administrator to perform malicious file writes to the EPMM server. This vulnerability can be used in conjunction with CVE-2023-35078 to bypass authentication and ACLs restrictions (if applicable).

• CISA KEV-listed (remediation due 2023-08-21)
• EPSS 90.7% (99.6% percentile)

Browse the CVE database

Read the full analysis on IntelFusions