CVE-2024-24996 - A Heap overflow vulnerability in WLInfoRailService component of Ivanti Avalanche before 6.4.3 allows

CVE-2024-24996

Summary

A Heap overflow vulnerability in WLInfoRailService component of Ivanti Avalanche before 6.4.3 allows an unauthenticated remote attacker to execute arbitrary commands.

References

https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US

Vulnerable Configurations

CVSS

Base:	None
Impact:
Exploitability:

Access

Vector	Complexity	Authentication

Impact

Confidentiality	Integrity	Availability

Last major update

19-04-2024 - 13:10

Published

19-04-2024 - 02:15

Last modified

19-04-2024 - 13:10