Executive Risk Summary
"An authentication bypass vulnerability in Ivanti EPMM 11.10 and older allows unauthorized users to access restricted functionality or resources of the application without proper authentication. This vulnerability poses a significant risk to the security and integrity of the affected systems, as it can be exploited remotely without authentication."
Operational Audit Arsenal
Target Type API
Target Asset MobileIron Core API
Standard Path Global Firmware
Manual Verification Required
This is a non-Windows asset (Ivanti). Use the target asset details and official path provided above to verify your current version against the official vendor advisories listed below.
Patch Impact Forecast
Reboot Required Likely
Moderate
Internal Work Notes
Remote unauthenticated API access vulnerability in Ivanti EPMM - MobileIron Core, requiring immediate patching to prevent unauthorized access and potential data breaches.
Technical Intelligence & Operational Utilities • Delivered Weekly
Intelligence Sources
Official Advisoryhttps://forums.ivanti.com/s/article/CVE-2023-35082-Remote-Unauthenticated-API-Access-Vulnerability-in-MobileIron-Core-11-2-and-older?language=en_US
Official Advisoryhttps://forums.ivanti.com/s/article/CVE-2023-35082-Remote-Unauthenticated-API-Access-Vulnerability-in-MobileIron-Core-11-2-and-older?language=en_US
Official Advisoryhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-35082
Related Ivanti Threats
Data compiled from NVD, MSRC, and CISA KEV Catalog. Intelligence synthesized via AI. Scripts provided for diagnostic purposes under MIT License.