Ivanti Endpoint Manager Mobile < 11.8.1.1 / 11.9.x < 11.9.1.1 / 11.10.x < 11.10.0.2 認証されていないリモート API アクセス (CVE-2023-35078)

critical Nessus プラグイン ID 178783

バージョン 1.7

Oct 30, 2023, 4:49 PM

  • Exploit attributes ("Exploited by malware" set to "True")
  • CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:H/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:H/RL:O/RC:C")

Plugin Feed: 202310301649

バージョン 1.6

Aug 30, 2023, 12:04 AM

  • Plugin metadata

Plugin Feed: 202308300004

バージョン 1.6

Oct 30, 2023, 2:59 PM

  • CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:H/RL:OF/RC:C")
  • Exploit attributes ("Exploited by malware" set to "True")
  • CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:H/RL:O/RC:C")

Plugin Feed: 202310301459

バージョン 1.5

Aug 10, 2023, 8:06 PM

  • Logic Changes

Plugin Feed: 202308102006

バージョン 1.4

Aug 7, 2023, 3:37 PM

  • CVSS metrics ("CVSSv2 score" changed from 7.5 to 10.0. "CVSSv2 vector" changed from "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P" to "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C")

Plugin Feed: 202308071537

バージョン 1.3

Jul 28, 2023, 9:58 AM

  • STIG Severity (set to "I")
  • IAVM reference

Plugin Feed: 202307280958

バージョン 1.2

Jul 26, 2023, 10:02 PM

  • CEA reference

Plugin Feed: 202307262202

バージョン 1.1

Jul 26, 2023, 2:42 AM

  • CISA reference
  • Exploit attributes ("Exploit available" set to "True". "Exploitability ease" set to "Exploits are available")
  • CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:F/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:F/RL:O/RC:C")
  • CVSSv3 score source (set to "CVE-2023-35078")
  • CVSS metrics ("CVSSv2 score" changed from 10.0 to 7.5. "CVSSv2 vector" changed from "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C" to "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P". "CVSSv3 vector" changed from "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" to "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H". "CVSSv3 score" changed from 10.0 to 9.8)

Plugin Feed: 202307260242

バージョン 1.0

Jul 25, 2023, 9:05 PM

  • New

Plugin Feed: 202307252105

* Changelogs are generally available for changes made after Nov 1, 2022