ET WEB_SPECIFIC_APPS Possible Ivanti Endpoint Manager Mobile CVE-2023-35078 Check/Exploitation Attempt

SID: 2047054Rev: 210 viewsHistory

Sourceet/open

CreatedAugust 3, 2023

UpdatedJanuary 18, 2024

Classificationattempted-admin

alert http any any -> [$HOME_NET,$HTTP_SERVERS] any (msg:"ET WEB_SPECIFIC_APPS Possible Ivanti Endpoint Manager Mobile CVE-2023-35078 Check/Exploitation Attempt"; flow:established,to_server; http.uri; content:"/mifs/aad/api/v2/"; startswith; threshold:type limit, count 5, seconds 300, track by_src; reference:url,www.rapid7.com/blog/post/2023/08/02/cve-2023-35082-mobileiron-core-unauthenticated-api-access-vulnerability/; reference:cve,2023-35078; classtype:attempted-admin; sid:2047054; rev:2; metadata:affected_product Ivanti, attack_target Web_Server, created_at 2023_08_03, cve CVE_2023_35078, deployment Perimeter, deployment Internal, deployment SSLDecrypt, confidence Low, signature_severity Major, tag CISA_KEV, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_01_18, reviewed_at 2024_10_01; target:dest_ip;)

References

url	www.rapid7.com/blog/post/2023/08/02/cve-2023-35082-mobileiron-core-unauthenticated-api-access-vulnerability/
cve	2023-35078

Metadata

affected productIvanti

attack targetWeb_Server

created at2023_08_03

cveCVE-2023-35078

deploymentSSLDecrypt

confidenceLow

signature severityMajor

tagDescription_Generated_By_Proofpoint_Nexus

updated at2024_01_18

reviewed at2024_10_01

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!