CVE-2023-38343

by Fred · 21/09/2023

An XXE (XML external entity injection) vulnerability exists in the CSEP component of Ivanti Endpoint Manager before 2022 SU4. External entity references are enabled in the XML parser configuration. Exploitation of this vulnerability can lead to file disclosure or Server Side Request Forgery.

Date published : 2023-09-21

https://gist.github.com/bhyahoo/4772330b20057a271f77e690bc70f928

https://www.ivanti.com/releases

CVE-2023-38343

Similar

Recent Posts

Categories

CVE-2023-38343

Share this:

Similar

Recent Posts

Categories

Tags