Unrated severityNVD Advisory· Published Mar 31, 2024· Updated Aug 2, 2024

CVE-2023-46808

Description

An file upload vulnerability in Ivanti ITSM before 2023.4, allows an authenticated remote user to perform file writes to the server. Successful exploitation may lead to execution of commands in the context of non-root user.

Affected products

Ivanti/ITSMllm-fuzzy2 versions
< 2023.4+ 1 more
- (no CPE)range: < 2023.4
- (no CPE)range: 2023.3

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

forums.ivanti.com/s/article/SA-CVE-2023-46808-Authenticated-Remote-File-Write-for-Ivanti-Neurons-for-ITSMmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.010
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000