CVE-2024-36131

An insecure deserialization vulnerability in web component of EPMM prior to 12.1.0.1 allows an authenticated remote attacker to execute arbitrary commands on the underlying operating system of the appliance.

CVSS v3 8.8 HIGH

8.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-for-Mobile-EPMM-July-2024	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:ivanti:endpoint_manager_mobile:*:*:*:*:*:*:*:*

History

12 Aug 2024, 18:53

Type	Values Removed	Values Added
References	~~() https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-for-Mobile-EPMM-July-2024 -~~	() https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-for-Mobile-EPMM-July-2024 - Vendor Advisory
First Time		Ivanti Ivanti endpoint Manager Mobile
CPE		cpe:2.3:a:ivanti:endpoint_manager_mobile::::::::
CWE		CWE-502

07 Aug 2024, 15:17

Type	Values Removed	Values Added
Summary		(es) Una vulnerabilidad de deserialización insegura en el componente web de EPMM anterior a 12.1.0.1 permite a un atacante remoto autenticado ejecutar comandos arbitrarios en el sistema operativo subyacente del dispositivo.

07 Aug 2024, 04:17

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-08-07 04:17

Updated : 2024-08-21 18:35

NVD link : CVE-2024-36131

Mitre link : CVE-2024-36131

CVE.ORG link : CVE-2024-36131

JSON object : View

Products Affected

ivanti

endpoint_manager_mobile

CWE

CWE-502

Deserialization of Untrusted Data

{"id": "CVE-2024-36131", "cveTags": [], "metrics": {"cvssMetricV30": [{"type": "Secondary", "source": "support@hackerone.com", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2024-08-07T04:17:18.207", "references": [{"url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-for-Mobile-EPMM-July-2024", "tags": ["Vendor Advisory"], "source": "support@hackerone.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-502"}]}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-502"}]}], "descriptions": [{"lang": "en", "value": "An insecure deserialization vulnerability in web component of EPMM prior to 12.1.0.1 allows an authenticated remote attacker to execute arbitrary commands on the underlying operating system of the appliance."}, {"lang": "es", "value": "Una vulnerabilidad de deserializaci\u00f3n insegura en el componente web de EPMM anterior a 12.1.0.1 permite a un atacante remoto autenticado ejecutar comandos arbitrarios en el sistema operativo subyacente del dispositivo."}], "lastModified": "2024-08-21T18:35:05.670", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ivanti:endpoint_manager_mobile:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "06657E1C-4C7D-4E54-AF6D-096DFE8216EF", "versionEndExcluding": "12.1.0.1"}], "operator": "OR"}]}], "sourceIdentifier": "support@hackerone.com"}