VYPR
Unrated severityNVD Advisory· Published Nov 14, 2023· Updated Aug 29, 2024

CVE-2023-39335

CVE-2023-39335

Description

A security vulnerability has been identified in EPMM Versions 11.10, 11.9 and 11.8 and older allowing an unauthenticated threat actor to impersonate any existing user during the device enrollment process. This issue poses a significant security risk, as it enables unauthorized access and potential misuse of user accounts and resources.

Affected products

2
  • Ivanti/EPMMllm-fuzzy2 versions
    <=11.10+ 1 more
    • (no CPE)range: <=11.10
    • (no CPE)range: 11.10.0.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.