NotCVE - vendor:"Ivanti" product:"Endpoint Manager Mobile" version:" >= 11.11.0

3 results (0.004 seconds)

CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 1

CVE-2024-22026

https://notcve.org/view.php?id=CVE-2024-22026

22 May 2024 — A local privilege escalation vulnerability in EPMM before 12.1.0.0 allows an authenticated local user to bypass shell restriction and execute arbitrary commands on the appliance. Una vulnerabilidad de escalada de privilegios locales en EPMM anterior a 12.1.0.0 permite a un usuario local autenticado evitar la restricción del shell y ejecutar comandos arbitrarios en el dispositivo. • https://github.com/securekomodo/CVE-2024-22026 • CWE-284: Improper Access Control •

CVSS: 9.4EPSS: 1%CPEs: 3EXPL: 0

CVE-2023-39337

https://notcve.org/view.php?id=CVE-2023-39337

14 Nov 2023 — A security vulnerability in EPMM Versions 11.10, 11.9 and 11.8 older allows a threat actor with knowledge of an enrolled device identifier to access and extract sensitive information, including device and environment configuration details, as well as secrets. This vulnerability poses a serious security risk, potentially exposing confidential data and system integrity. Una vulnerabilidad de seguridad en las versiones 11.10, 11.9 y 11.8 anteriores de EPMM permite que un actor de amenazas con conocimiento de u... • https://forums.ivanti.com/s/article/CVE-2023-39337?language=en_US • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 10.0EPSS: 2%CPEs: 3EXPL: 0

CVE-2023-39335

https://notcve.org/view.php?id=CVE-2023-39335

14 Nov 2023 — A security vulnerability has been identified in EPMM Versions 11.10, 11.9 and 11.8 and older allowing an unauthenticated threat actor to impersonate any existing user during the device enrollment process. This issue poses a significant security risk, as it enables unauthorized access and potential misuse of user accounts and resources. Se identificó una vulnerabilidad de seguridad en las versiones 11.10, 11.9 y 11.8 y anteriores de EPMM, lo que permite que un actor de amenazas no autenticado se haga pasar p... • https://forums.ivanti.com/s/article/CVE-2023-39335?language=en_US • CWE-269: Improper Privilege Management •