CVE-2023-38035
In short
The MICS Admin Portal in Ivanti MobileIron Sentry has a flaw in its web server setup that allows attackers to skip login checks and access the administrative interface without proper credentials.
Technical detail
An insufficiently restrictive Apache HTTPD configuration in Ivanti MobileIron Sentry 9.18.0 and below enables authentication bypass on the MICS Admin Portal administrative interface. The vulnerability stems from improper access control enforcement (CWE-863), allowing unauthenticated attackers to directly access privileged functions with critical impact on confidentiality, integrity, and availability.
Summary generated and translated by AI from the official description.
A security vulnerability in MICS Admin Portal in Ivanti MobileIron Sentry versions 9.18.0 and below, which may allow an attacker to bypass authentication controls on the administrative interface due to an insufficiently restrictive Apache HTTPD configuration.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
Ivanti · MobileIron Sentry
Public PoCs found — 4
- github: github.com/horizon3ai/CVE-2023-38035 (★ 40)
- github: github.com/LeakIX/sentryexploit (★ 7)
- github: github.com/mind2hex/CVE-2023-38035-MobileIron-RCE (★ 1)
- cve_reference: packetstormsecurity.com/files/174643/Ivanti-Sentry-Authentication-Bypass-Remote-Code-Execution.html (unverified)
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
- http://packetstormsecurity.com/files/174643/Ivanti-Sentry-Authentication-Bypass-Remote-Code-Execution.html
- https://forums.ivanti.com/s/article/CVE-2023-38035-API-Authentication-Bypass-on-Sentry-Administrator-Interface
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-38035