CVE-2023-35078 - Remote Unauthenticated API Access Vulnerability - A vulnerability has been discovered in Ivanti Endpoint Manager Mobile (EPMM), formerly known as MobileIron Core. This vulnerabilit...::<span style="font-size: 11pt;"><span style="line-height: 107%;"><span style="font-family: Calibri,sans-serif;"><span style="font-family: "Arial",sans-serif;">A vulnerability has been discovered in Ivanti Endpoint Manager Mobile (EPMM), formerly known as MobileIron Core. This vulnerability impacts all supported versions – Version 11.4 releases 11.10, 11.9 and 11.8. Older versions/releases are also at risk.<span style="font-family: "Arial",sans-serif;"><span style="color: black;">If exploited, this vulnerability enables an unauthorized, remote (internet-facing) actor to potentially access users’ personally identifiable information and make limited changes to the server.<span style="font-size: 11pt;"><span style="line-height: 107%;"><span style="font-family: Calibri,sans-serif;"><span style="font-family: "Arial",sans-serif;"><span style="color: black;">We have received information from a credible source indicating exploitation has occurred.<span style="font-family: "Arial",sans-serif;"><span style="color: black;"> We continue to work with our customers and partners to investigate this situation. <span style="font-family: "Arial",sans-serif;"><span style="color: black;">We are only aware of a very limited number of customers that have been impacted. We are actively working with our customers and partners to investigate this situation. <span style="font-size: 11pt;"><span style="line-height: 107%;"><span style="font-family: Calibri,sans-serif;">