| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| CVE-2023-35078 | Ivanti Endpoint Manager Mobile Authentication Bypass Vulnerability | primary_impact | T1136 | Create Account |
Comments
This vulnerability is exploited through an unauthenticated API access flaw in Ivanti EPMM. Attackers initiate this vulnerability by leveraging the default internet-facing API configuration, allowing them to access restricted functionalities without authentication. Reports state attackers who exploited this vulnerability gained access personally identifiable information (PII) and added an administrator account on the affected EPMM server, to allow for further system compromise.
References
|
| CVE-2023-35078 | Ivanti Endpoint Manager Mobile Authentication Bypass Vulnerability | primary_impact | T1213 | Data from Information Repositories |
Comments
This vulnerability is exploited through an unauthenticated API access flaw in Ivanti EPMM. Attackers initiate this vulnerability by leveraging the default internet-facing API configuration, allowing them to access restricted functionalities without authentication. Reports state attackers who exploited this vulnerability gained access personally identifiable information (PII) and added an administrator account on the affected EPMM server, to allow for further system compromise.
References
|
| CVE-2023-35078 | Ivanti Endpoint Manager Mobile Authentication Bypass Vulnerability | exploitation_technique | T1190 | Exploit Public-Facing Application |
Comments
This vulnerability is exploited through an unauthenticated API access flaw in Ivanti EPMM. Attackers initiate this vulnerability by leveraging the default internet-facing API configuration, allowing them to access restricted functionalities without authentication. This enables them to extract personally identifiable information (PII) and perform administrative actions, such as creating new accounts and making configuration changes.
References
|