{
    "file_item": {
        "filepath": "security-advisories",
        "filename": "CERT-EU-SA2023-088.pdf"
    },
    "title": "High Vulnerabilities in Ivanti Endpoint Manager Mobile",
    "serial_number": "2023-088",
    "publish_date": "20-11-2023 09:58:53",
    "description": "On November 9, 2023, Ivanti disclosed two vulnerabilities, \"CVE-2023-39335\" and \"CVE-2023-39337\", affecting all versions of Endpoint Manager Mobile (formerly MobileIron Core).<br>\nThe vulnerabilities can be chained to allow an unauthenticated user to access resources behind Sentry.<br>\n",
    "url_title": "2023-088",
    "content_markdown": "---\ntitle: 'High Vulnerabilities in\u00a0Ivanti\u00a0Endpoint\u00a0Manager\u00a0Mobile'\nnumber: '2023-088'\nversion: '1.0'\noriginal_date: '9 November, 2023'\ndate: 'November 13, 2023'\n---\n\n_History:_\n\n* _13/11/2023 --- v1.0 -- Initial publication_\n\n# Summary\n\nOn November 9, 2023, Ivanti disclosed two vulnerabilities, `CVE-2023-39335` and `CVE-2023-39337`, affecting all versions of Endpoint Manager Mobile (formerly MobileIron Core).\n\nThe vulnerabilities can be chained to allow an unauthenticated user to access resources behind Sentry [1].\n\n# Technical Details\n\n`CVE-2023-39335`, with a CVSS score of 8.5, this vulnerability enables an authenticated user (enrolled device) to enrol a device for another EPMM user. The attacker must obtain additional information, such as by monitoring TLS traffic, to identify the user they would want to impersonate.\n\n`CVE-2023-39337`, with a CVSS score of 6.8, this vulnerability enables an authenticated user (enrolled device) to obtain a valid certificate for another EPMM user. Like the previous vulnerability, the attacker must obtain additional information, such as by monitoring TLS traffic, to identify the user they would want to impersonate.\n\n# Affected Products\n\nThese vulnerabilities impact all supported versions of the products \u2013 EPMM Versions 11.10, 11.9 and 11.8 and Sentry Versions 9.18, 9.17 and 9.16. Older versions/releases are also at risk.\n\n# Recommendations\n\nFor both vulnerabilities, Ivanti released a patch included in the following EPMM (Core) releases: 11.10.0.4, 11.11.0.2, 11.12.0.0.\n\nCERT-EU recommends immediately applying updates provided by Ivanti to vulnerable systems.\n\n# References\n\n[1] <https://www.ivanti.com/blog/ivanti-epmm-cve-2023-39335-39337>\n\n[2] <https://forums.ivanti.com/s/article/CVE-2023-39337?language=en_US>\n\n[3] <https://forums.ivanti.com/s/article/CVE-2023-39335?language=en_US>\n",
    "content_html": "<p><em>History:</em></p><ul><li><em>13/11/2023 --- v1.0 -- Initial publication</em></li></ul><h2 id=\"summary\">Summary</h2><p>On November 9, 2023, Ivanti disclosed two vulnerabilities, <code>CVE-2023-39335</code> and <code>CVE-2023-39337</code>, affecting all versions of Endpoint Manager Mobile (formerly MobileIron Core).</p><p>The vulnerabilities can be chained to allow an unauthenticated user to access resources behind Sentry [1].</p><h2 id=\"technical-details\">Technical Details</h2><p><code>CVE-2023-39335</code>, with a CVSS score of 8.5, this vulnerability enables an authenticated user (enrolled device) to enrol a device for another EPMM user. The attacker must obtain additional information, such as by monitoring TLS traffic, to identify the user they would want to impersonate.</p><p><code>CVE-2023-39337</code>, with a CVSS score of 6.8, this vulnerability enables an authenticated user (enrolled device) to obtain a valid certificate for another EPMM user. Like the previous vulnerability, the attacker must obtain additional information, such as by monitoring TLS traffic, to identify the user they would want to impersonate.</p><h2 id=\"affected-products\">Affected Products</h2><p>These vulnerabilities impact all supported versions of the products \u2013 EPMM Versions 11.10, 11.9 and 11.8 and Sentry Versions 9.18, 9.17 and 9.16. Older versions/releases are also at risk.</p><h2 id=\"recommendations\">Recommendations</h2><p>For both vulnerabilities, Ivanti released a patch included in the following EPMM (Core) releases: 11.10.0.4, 11.11.0.2, 11.12.0.0.</p><p>CERT-EU recommends immediately applying updates provided by Ivanti to vulnerable systems.</p><h2 id=\"references\">References</h2><p>[1] <a rel=\"noopener\" target=\"_blank\" href=\"https://www.ivanti.com/blog/ivanti-epmm-cve-2023-39335-39337\">https://www.ivanti.com/blog/ivanti-epmm-cve-2023-39335-39337</a></p><p>[2] <a rel=\"noopener\" target=\"_blank\" href=\"https://forums.ivanti.com/s/article/CVE-2023-39337?language=en_US\">https://forums.ivanti.com/s/article/CVE-2023-39337?language=en_US</a></p><p>[3] <a rel=\"noopener\" target=\"_blank\" href=\"https://forums.ivanti.com/s/article/CVE-2023-39335?language=en_US\">https://forums.ivanti.com/s/article/CVE-2023-39335?language=en_US</a></p>",
    "licence": {
        "title": "Creative Commons Attribution 4.0 International (CC-BY 4.0)",
        "link": "https://creativecommons.org/licenses/by/4.0/",
        "restrictions": "https://cert.europa.eu/legal-notice",
        "author": "The Cybersecurity Service for the Union institutions, bodies, offices and agencies"
    }
}