Headline
CVE-2023-38344: Product Releases & Updates | Ivanti
An issue was discovered in Ivanti Endpoint Manager before 2022 SU4. A file disclosure vulnerability exists in the GetFileContents SOAP action exposed via /landesk/managementsuite/core/core.secure/OsdScript.asmx. The application does not sufficiently restrict user-supplied paths, allowing for an authenticated attacker to read arbitrary files from a remote system, including the private key used to authenticate to agents for remote access.
2023
Q1 2023
Strengthen cybersecurity posture and optimize digital employee experiences.
Q2 2023
Improving visibility, operational efficiency and experience.
Q3 2023
Enhanced vulnerability prioritization and remediation, improving actionable insights, and experience.
2022
Q1 2022
Reduce risk while providing better and more productive employee experiences.
Q2 2022
Enhance security and the employee experience in the Everywhere Workplace.
Q3 2022
Provide secure, contextualized & productive employee experiences.
Q4 2022