CVE-2023-38343

UNKNOWN 0.0

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

An XXE (XML external entity injection) vulnerability exists in the CSEP component of Ivanti Endpoint Manager before 2022 SU4. External entity references are enabled in the XML parser configuration. Exploitation of this vulnerability can lead to file disclosure or Server Side Request Forgery.

Vendor	n/a
Product	n/a
Published	Sep 21, 2023
Last Updated	Sep 24, 2024

Stay Ahead of the Next One

Get instant alerts for n/a n/a

Be the first to know when new unknown vulnerabilities affecting n/a n/a are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

n/a / n/a

n/a

References

NVD ↗ CVE.org ↗ EPSS Data ↗

ivanti.com: https://www.ivanti.com/releases gist.github.com: https://gist.github.com/bhyahoo/4772330b20057a271f77e690bc70f928