SID 1:62263

Report a false positive

Rule Category

POLICY-OTHER --

Alert Message

POLICY-OTHER Ivanti Endpoint Manager Mobile restricted endpoint access attempt

Rule Explanation

This rule looks at the path component of an HTTP request for the restricted endpoint.

What To Look For

This rule alerts on an attempt to access a restricted endpoint in the Ivanti Endpoint Manager Mobile's web interface.

Known Usage

Attacks/Scans seen in the wild

False Positives

No known false positives

Contributors

Cisco Talos Intelligence Group

Rule Groups

Rule Categories::Policy::Other

CVE

CVE-2023-35081 CVE-2023-35082

Additional Links

forums.ivanti.com/s/article/CVE-2023-35082-Remote-Unauthenticated-API-Access-Vulnerability-in-MobileIron-Core-11-2-and-older

Rule Vulnerability

N/A

Not Applicable

CVE Additional Information

This product uses data from the NVD API but is not endorsed or certified by the NVD.
CVE-2023-35081
 Loading description
CVE-2023-35082
 Loading description