PT-2023-26374 · Ivanti · Ivanti Endpoint Manager

Published 2023-09-21 · Updated 2024-09-25 · CVE-2023-38344

CVSS v3.1: 6.5 (Medium)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions
Ivanti Endpoint Manager versions prior to 2022 SU4

Description
A file disclosure issue exists in the GetFileContents SOAP action exposed via "/landesk/managementsuite/core/core.secure/OsdScript.asmx". The application does not sufficiently restrict user-supplied paths, allowing an authenticated attacker to read arbitrary files from a remote system, including the private key used to authenticate to agents for remote access.

Recommendations
For Ivanti Endpoint Manager versions prior to 2022 SU4, update to version 2022 SU4 or later to resolve the issue. As a temporary workaround, consider restricting access to the "/landesk/managementsuite/core/core.secure/OsdScript.asmx" endpoint and the GetFileContents SOAP action to minimize the risk of exploitation.
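
To check whether the endpoint restriction is holding, the following added example (not part of the original advisory and not Ivanti code) reviews IIS W3C logs for POST requests to the endpoint from hosts outside an approved list. It assumes the core server logs in W3C extended format with the fields shown; the sample log lines and the `allowed_ips` parameter are constructed for illustration. Default IIS fields do not record the SOAP action, so every POST to the endpoint is reported for review.

```python
# Endpoint named in the advisory, lower-cased because IIS paths are case-insensitive.
ENDPOINT = "/landesk/managementsuite/core/core.secure/osdscript.asmx"

# Constructed sample in IIS W3C extended format; hosts and user names are made up.
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 10.0
#Fields: date time cs-method cs-uri-stem cs-username c-ip sc-status sc-bytes
2023-09-22 08:01:12 POST /landesk/managementsuite/core/core.secure/OsdScript.asmx CORP\\svc-osd 10.0.5.20 200 1840
2023-09-22 08:03:40 GET /landesk/managementsuite/console/default.aspx CORP\\alice 10.0.5.31 200 5120
2023-09-22 09:14:02 POST /LANDesk/ManagementSuite/Core/core.secure/OsdScript.asmx CORP\\bob 10.0.9.77 200 3391
2023-09-22 09:14:05 POST /LANDesk/ManagementSuite/Core/core.secure/OsdScript.asmx CORP\\bob 10.0.9.77 200 2210
2023-09-22 09:15:30 POST /landesk/managementsuite/core/core.secure/OsdScript.asmx - 10.0.9.80 401 0
"""

def parse_w3c(lines):
    """Yield one dict per request, keyed by the most recent #Fields directive."""
    fields = []
    for line in lines:
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            values = line.split()
            if len(values) == len(fields):  # skip truncated or malformed rows
                yield dict(zip(fields, values))

def endpoint_hits(lines, allowed_ips=frozenset()):
    """Count POSTs to the endpoint per (client IP, user), skipping approved hosts."""
    hits = {}
    for row in parse_w3c(lines):
        if row.get("cs-uri-stem", "").lower() != ENDPOINT or row.get("cs-method") != "POST":
            continue
        if row.get("c-ip") in allowed_ips:
            continue
        key = (row.get("c-ip"), row.get("cs-username", "-"))
        entry = hits.setdefault(key, {"total": 0, "ok": 0})
        entry["total"] += 1
        entry["ok"] += int(row.get("sc-status") == "200")  # requests the server answered
    return hits

if __name__ == "__main__":
    # 10.0.5.20 stands in for an approved provisioning host (assumption).
    for (ip, user), n in endpoint_hits(SAMPLE_LOG.splitlines(), {"10.0.5.20"}).items():
        print(f"{ip} {user}: {n['total']} POST(s), {n['ok']} answered with 200")
```

A successful request from a host that should have been blocked means the restriction is not in effect for that path.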

Fix

Information Disclosure

Weakness Enumeration

Related Identifiers
CVE-2023-38344

Affected Products
Ivanti Endpoint Manager