All the vulnerabilites related to Ivanti - Avalanche
Vulnerability from fkie_nvd
Published
2018-06-29 15:29
Modified
2024-11-21 04:14
Severity ?
Summary
An issue was discovered in Ivanti Avalanche for all versions between 5.3 and 6.2. The impacted products used a single shared key encryption model to encrypt data. A user with access to system databases can use the discovered key to access potentially confidential stored data, which may include Wi-Fi passwords. This discovered key can be used for all instances of the product.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://community.ivanti.com/docs/DOC-68406 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://community.ivanti.com/docs/DOC-68406 | Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*", "matchCriteriaId": "6437AEEE-FD64-46CB-BD1A-B59C8ABB9774", "versionEndIncluding": "6.2", "versionStartIncluding": "5.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in Ivanti Avalanche for all versions between 5.3 and 6.2. The impacted products used a single shared key encryption model to encrypt data. A user with access to system databases can use the discovered key to access potentially confidential stored data, which may include Wi-Fi passwords. This discovered key can be used for all instances of the product." }, { "lang": "es", "value": "Se ha descubierto un problema en Ivanti Avalanche para todas las versiones entre la 5.3 y la 6.2. Los productos afectados utilizaron un \u00fanico modelo de cifrado de clave compartida para cifrar los datos. Un usuario con acceso a las bases de datos del sistema puede utilizar la clave descubierta para acceder a datos almacenados potencialmente confidenciales,pudiendo incluir contrase\u00f1as Wi-Fi. Esta clave descubierta se puede utilizar para todas las instancias del producto." } ], "id": "CVE-2018-8902", "lastModified": "2024-11-21T04:14:34.010", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-06-29T15:29:00.443", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://community.ivanti.com/docs/DOC-68406" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://community.ivanti.com/docs/DOC-68406" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-287" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-12-19 16:15
Modified
2024-11-21 08:28
Severity ?
Summary
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
References
▼ | URL | Tags | |
---|---|---|---|
support@hackerone.com | https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt | Release Notes, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt | Release Notes, Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:premise:*:*:*", "matchCriteriaId": "024C02F7-995E-4235-8900-A9673F050E72", "versionEndExcluding": "6.4.2", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution." }, { "lang": "es", "value": "Un atacante que env\u00eda paquetes de datos especialmente manipulados a Mobile Device Server puede provocar da\u00f1os en la memoria, lo que podr\u00eda provocar una denegaci\u00f3n de servicio (DoS) o la ejecuci\u00f3n de c\u00f3digo." } ], "id": "CVE-2023-46225", "lastModified": "2024-11-21T08:28:06.693", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "support@hackerone.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-12-19T16:15:10.260", "references": [ { "source": "support@hackerone.com", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-03-29 19:15
Modified
2024-11-21 07:14
Severity ?
Summary
This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490. The specific flaw exists within the GroupDaoImpl class. A crafted request can trigger execution of SQL queries composed from a user-supplied string. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-15333.
References
▼ | URL | Tags | |
---|---|---|---|
zdi-disclosures@trendmicro.com | https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt | Release Notes | |
zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-22-781/ | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt | Release Notes | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-22-781/ | Third Party Advisory, VDB Entry |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*", "matchCriteriaId": "15814CD7-C562-4360-8E57-354E1D275F92", "versionEndExcluding": "6.3.4", "versionStartIncluding": "6.3.2.3490", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490. The specific flaw exists within the GroupDaoImpl class. A crafted request can trigger execution of SQL queries composed from a user-supplied string. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-15333." } ], "id": "CVE-2022-36976", "lastModified": "2024-11-21T07:14:11.720", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "zdi-disclosures@trendmicro.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-03-29T19:15:12.250", "references": [ { "source": "zdi-disclosures@trendmicro.com", "tags": [ "Release Notes" ], "url": "https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt" }, { "source": "zdi-disclosures@trendmicro.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-781/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes" ], "url": "https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-781/" } ], "sourceIdentifier": "zdi-disclosures@trendmicro.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "zdi-disclosures@trendmicro.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2024-11-12 16:15
Modified
2024-12-18 18:44
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
An out-of-bounds read vulnerability in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to leak sensitive information in memory.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:premise:*:*:*", "matchCriteriaId": "8BF6AFA9-1E31-410B-BCC3-83F137769FC2", "versionEndExcluding": "6.4.6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An out-of-bounds read vulnerability in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to leak sensitive information in memory." }, { "lang": "es", "value": "Una vulnerabilidad de lectura fuera de los l\u00edmites en Ivanti Avalanche anterior a 6.4.6 permite que un atacante remoto no autenticado filtre informaci\u00f3n confidencial en la memoria. " } ], "id": "CVE-2024-50331", "lastModified": "2024-12-18T18:44:43.177", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-11-12T16:15:25.773", "references": [ { "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Avalanche-Multiple-CVEs-Q4-2024-Release" } ], "sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-12-19 16:15
Modified
2024-11-21 08:28
Severity ?
Summary
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
References
▼ | URL | Tags | |
---|---|---|---|
support@hackerone.com | https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt | Release Notes, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt | Release Notes, Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:premise:*:*:*", "matchCriteriaId": "024C02F7-995E-4235-8900-A9673F050E72", "versionEndExcluding": "6.4.2", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution." }, { "lang": "es", "value": "Un atacante que env\u00eda paquetes de datos especialmente manipulados a Mobile Device Server puede provocar da\u00f1os en la memoria, lo que podr\u00eda provocar una denegaci\u00f3n de servicio (DoS) o la ejecuci\u00f3n de c\u00f3digo." } ], "id": "CVE-2023-46217", "lastModified": "2024-11-21T08:28:05.583", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "support@hackerone.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-12-19T16:15:09.337", "references": [ { "source": "support@hackerone.com", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-12-19 16:15
Modified
2024-11-21 08:28
Severity ?
Summary
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
References
▼ | URL | Tags | |
---|---|---|---|
support@hackerone.com | https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt | Release Notes, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt | Release Notes, Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:premise:*:*:*", "matchCriteriaId": "024C02F7-995E-4235-8900-A9673F050E72", "versionEndExcluding": "6.4.2", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution." }, { "lang": "es", "value": "Un atacante que env\u00eda paquetes de datos especialmente manipulados a Mobile Device Server puede provocar da\u00f1os en la memoria, lo que podr\u00eda provocar una denegaci\u00f3n de servicio (DoS) o la ejecuci\u00f3n de c\u00f3digo." } ], "id": "CVE-2023-46221", "lastModified": "2024-11-21T08:28:06.130", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "support@hackerone.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-12-19T16:15:09.650", "references": [ { "source": "support@hackerone.com", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-12-19 16:15
Modified
2024-11-21 08:28
Severity ?
Summary
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
References
▼ | URL | Tags | |
---|---|---|---|
support@hackerone.com | https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt | Release Notes, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt | Release Notes, Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:premise:*:*:*", "matchCriteriaId": "024C02F7-995E-4235-8900-A9673F050E72", "versionEndExcluding": "6.4.2", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution." }, { "lang": "es", "value": "Un atacante que env\u00eda paquetes de datos especialmente manipulados a Mobile Device Server puede provocar da\u00f1os en la memoria, lo que podr\u00eda provocar una denegaci\u00f3n de servicio (DoS) o la ejecuci\u00f3n de c\u00f3digo." } ], "id": "CVE-2023-46261", "lastModified": "2024-11-21T08:28:11.673", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "support@hackerone.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-12-19T16:15:11.043", "references": [ { "source": "support@hackerone.com", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2024-10-08 17:15
Modified
2024-10-16 13:24
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
Server-side request forgery in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to leak sensitive information.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:premise:*:*:*", "matchCriteriaId": "E80B784E-D10B-4D20-9D63-CBD3E3CF1868", "versionEndExcluding": "6.4.5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Server-side request forgery in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to leak sensitive information." }, { "lang": "es", "value": "Server-side request forgery en Ivanti Avalanche anterior a la versi\u00f3n 6.4.5 permite que un atacante remoto no autenticado filtre informaci\u00f3n confidencial." } ], "id": "CVE-2024-47008", "lastModified": "2024-10-16T13:24:32.130", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-10-08T17:15:54.463", "references": [ { "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Ivanti-Avalanche-6-4-5-Security-Advisory" } ], "sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-918" } ], "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-918" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-05-09 22:15
Modified
2024-11-21 07:54
Severity ?
Summary
A path traversal vulnerability exists in Avalanche version 6.3.x and below that when exploited could result in possible information disclosure.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*", "matchCriteriaId": "844EE7BB-8B96-486F-8F2B-0185216B1898", "versionEndIncluding": "6.3.4.153", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A path traversal vulnerability exists in Avalanche version 6.3.x and below that when exploited could result in possible information disclosure." } ], "id": "CVE-2023-28127", "lastModified": "2024-11-21T07:54:27.537", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-05-09T22:15:09.870", "references": [ { "source": "support@hackerone.com", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/ZDI-CAN-17769-Ivanti-Avalanche-getLogFile-Directory-Traversal-Information-Disclosure?language=en_US" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/ZDI-CAN-17769-Ivanti-Avalanche-getLogFile-Directory-Traversal-Information-Disclosure?language=en_US" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-22" } ], "source": "support@hackerone.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-22" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-03-29 19:15
Modified
2024-11-21 07:14
Severity ?
Summary
This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the ProfileDaoImpl class. A crafted request can trigger execution of SQL queries composed from a user-supplied string. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-15329.
References
▼ | URL | Tags | |
---|---|---|---|
zdi-disclosures@trendmicro.com | https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt | Release Notes | |
zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-22-778/ | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt | Release Notes | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-22-778/ | Third Party Advisory, VDB Entry |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*", "matchCriteriaId": "15814CD7-C562-4360-8E57-354E1D275F92", "versionEndExcluding": "6.3.4", "versionStartIncluding": "6.3.2.3490", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the ProfileDaoImpl class. A crafted request can trigger execution of SQL queries composed from a user-supplied string. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-15329." } ], "id": "CVE-2022-36973", "lastModified": "2024-11-21T07:14:11.350", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "zdi-disclosures@trendmicro.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-03-29T19:15:12.067", "references": [ { "source": "zdi-disclosures@trendmicro.com", "tags": [ "Release Notes" ], "url": "https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt" }, { "source": "zdi-disclosures@trendmicro.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-778/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes" ], "url": "https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-778/" } ], "sourceIdentifier": "zdi-disclosures@trendmicro.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "zdi-disclosures@trendmicro.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-12-07 14:15
Modified
2024-11-21 06:27
Severity ?
Summary
An unrestricted file upload vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to write dangerous files.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*", "matchCriteriaId": "F9A93D88-E04B-4225-8D57-E0DF1395E6BD", "versionEndExcluding": "6.3.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An unrestricted file upload vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to write dangerous files." }, { "lang": "es", "value": "Se presenta una vulnerabilidad de carga de archivos sin restricciones en Ivanti Avalanche versiones anteriores a 6.3.3, que permite a un atacante con acceso al Servicio Inforail escribir archivos peligrosos" } ], "id": "CVE-2021-42125", "lastModified": "2024-11-21T06:27:18.810", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-12-07T14:15:09.147", "references": [ { "source": "support@hackerone.com", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Security-Alert-CVE-s-Addressed-in-Avalanche-6-3-3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Security-Alert-CVE-s-Addressed-in-Avalanche-6-3-3" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-502" } ], "source": "support@hackerone.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-434" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-12-19 16:15
Modified
2024-11-21 08:28
Severity ?
Summary
An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.4.1 and below that could allow an attacker to achieve a remote code execution.
References
▼ | URL | Tags | |
---|---|---|---|
support@hackerone.com | https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt | Release Notes, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt | Release Notes, Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:premise:*:*:*", "matchCriteriaId": "024C02F7-995E-4235-8900-A9673F050E72", "versionEndExcluding": "6.4.2", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.4.1 and below that could allow an attacker to achieve a remote code execution." }, { "lang": "es", "value": "Existe una carga sin restricciones de archivos con una vulnerabilidad de tipo peligroso en las versiones 6.4.1 e inferiores de Avalanche que podr\u00eda permitir a un atacante lograr la ejecuci\u00f3n remota de c\u00f3digo." } ], "id": "CVE-2023-46263", "lastModified": "2024-11-21T08:28:11.933", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "support@hackerone.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-12-19T16:15:11.343", "references": [ { "source": "support@hackerone.com", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-434" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-03-29 19:15
Modified
2024-11-21 07:14
Severity ?
Summary
This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SetSettings class. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-15919.
References
▼ | URL | Tags | |
---|---|---|---|
zdi-disclosures@trendmicro.com | https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt | Release Notes | |
zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-22-788/ | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt | Release Notes | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-22-788/ | Third Party Advisory, VDB Entry |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*", "matchCriteriaId": "5D64C108-BA2C-4BA2-95C7-7571201D5965", "versionEndExcluding": "6.3.4", "versionStartIncluding": "6.3.3.101", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SetSettings class. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-15919." } ], "id": "CVE-2022-36983", "lastModified": "2024-11-21T07:14:12.600", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "zdi-disclosures@trendmicro.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-03-29T19:15:12.757", "references": [ { "source": "zdi-disclosures@trendmicro.com", "tags": [ "Release Notes" ], "url": "https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt" }, { "source": "zdi-disclosures@trendmicro.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-788/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes" ], "url": "https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-788/" } ], "sourceIdentifier": "zdi-disclosures@trendmicro.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-306" } ], "source": "zdi-disclosures@trendmicro.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-306" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-11-03 20:15
Modified
2024-11-21 07:26
Severity ?
Summary
Ivanti Avalanche Smart Device Service Missing Authentication Local Privilege Escalation Vulnerability
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:premise:*:*:*", "matchCriteriaId": "C9C00C8A-E00C-4C25-A623-24390C27ACE3", "versionEndExcluding": "6.4.1.236", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Ivanti Avalanche Smart Device Service Missing Authentication Local Privilege Escalation Vulnerability" }, { "lang": "es", "value": "Vulnerabilidad de escalada de privilegios locales de autenticaci\u00f3n faltante de Ivanti Avalanche Smart Device Service" } ], "id": "CVE-2022-43554", "lastModified": "2024-11-21T07:26:46.503", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "support@hackerone.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-11-03T20:15:08.690", "references": [ { "source": "support@hackerone.com", "tags": [ "Release Notes" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.1.236_release_notes.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.1.236_release_notes.txt" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-306" } ], "source": "nvd@nist.gov", "type": "Primary" }, { "description": [ { "lang": "en", "value": "CWE-306" } ], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }
Vulnerability from fkie_nvd
Published
2025-01-14 17:15
Modified
2025-01-16 21:01
Severity ?
7.3 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker to bypass authentication.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*", "matchCriteriaId": "334F025B-A8DF-42A0-B55C-936D055FFD59", "versionEndExcluding": "6.4.7", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker to bypass authentication." }, { "lang": "es", "value": "Path Traversal en Ivanti Avalanche anterior a la versi\u00f3n 6.4.7 permite que un atacante remoto no autenticado omita la autenticaci\u00f3n." } ], "id": "CVE-2024-13179", "lastModified": "2025-01-16T21:01:38.177", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.4, "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2025-01-14T17:15:14.150", "references": [ { "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Avalanche-6-4-7-Multiple-CVEs" } ], "sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-22" }, { "lang": "en", "value": "CWE-288" } ], "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-22" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-05-09 22:15
Modified
2024-11-21 07:54
Severity ?
Summary
An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.3.x and below that could allow an attacker to achieve a remove code execution.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*", "matchCriteriaId": "844EE7BB-8B96-486F-8F2B-0185216B1898", "versionEndIncluding": "6.3.4.153", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.3.x and below that could allow an attacker to achieve a remove code execution." } ], "id": "CVE-2023-28128", "lastModified": "2024-11-21T07:54:27.650", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-05-09T22:15:09.920", "references": [ { "source": "support@hackerone.com", "url": "http://packetstormsecurity.com/files/172398/Ivanti-Avalanche-FileStoreConfig-Shell-Upload.html" }, { "source": "support@hackerone.com", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/ZDI-CAN-17812-Ivanti-Avalanche-FileStoreConfig-Arbitrary-File-Upload-Remote-Code-Execution-Vulnerability?language=en_US" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://packetstormsecurity.com/files/172398/Ivanti-Avalanche-FileStoreConfig-Shell-Upload.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/ZDI-CAN-17812-Ivanti-Avalanche-FileStoreConfig-Arbitrary-File-Upload-Remote-Code-Execution-Vulnerability?language=en_US" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-434" } ], "source": "support@hackerone.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-434" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-12-19 16:15
Modified
2024-11-21 08:29
Severity ?
Summary
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS).
References
▼ | URL | Tags | |
---|---|---|---|
support@hackerone.com | https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt | Release Notes, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt | Release Notes, Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:premise:*:*:*", "matchCriteriaId": "024C02F7-995E-4235-8900-A9673F050E72", "versionEndExcluding": "6.4.2", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS)." }, { "lang": "es", "value": "Un atacante que env\u00eda paquetes de datos especialmente manipulados a Mobile Device Server puede provocar da\u00f1os en la memoria, lo que podr\u00eda provocar una denegaci\u00f3n de servicio (DoS)." } ], "id": "CVE-2023-46803", "lastModified": "2024-11-21T08:29:20.437", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "support@hackerone.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-12-19T16:15:11.930", "references": [ { "source": "support@hackerone.com", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-08-10 20:15
Modified
2024-11-21 08:03
Severity ?
Summary
An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.4.1 and below that could allow an attacker to achieve a remove code execution.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*", "matchCriteriaId": "E1BB2A71-2815-4982-825E-3546E2A7FE83", "versionEndExcluding": "6.4.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.4.1 and below that could allow an attacker to achieve a remove code execution." } ], "id": "CVE-2023-32564", "lastModified": "2024-11-21T08:03:36.653", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 0.9, "impactScore": 5.9, "source": "support@hackerone.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-08-10T20:15:10.503", "references": [ { "source": "support@hackerone.com", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Avalanche-Vulnerabilities-Addressed-in-6-4-1?language=en_US" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Avalanche-Vulnerabilities-Addressed-in-6-4-1?language=en_US" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-434" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2025-01-14 17:15
Modified
2025-01-16 21:02
Severity ?
7.3 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker to bypass authentication. This CVE addresses incomplete fixes from CVE-2024-47010.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*", "matchCriteriaId": "D9B830AE-99D2-43C4-87C1-BB1A0DAA5EE3", "versionEndExcluding": "6.4.6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker to bypass authentication. This CVE addresses incomplete fixes from CVE-2024-47010." }, { "lang": "es", "value": "Path Traversal en Ivanti Avalanche anterior a la versi\u00f3n 6.4.7 permite que un atacante remoto no autenticado omita la autenticaci\u00f3n. Esta CVE aborda correcciones incompletas de CVE-2024-47010." } ], "id": "CVE-2024-13181", "lastModified": "2025-01-16T21:02:04.910", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.4, "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2025-01-14T17:15:14.433", "references": [ { "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Avalanche-6-4-7-Multiple-CVEs" } ], "sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-22" }, { "lang": "en", "value": "CWE-288" } ], "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-22" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2024-08-14 03:15
Modified
2024-08-15 17:32
Severity ?
Summary
XXE in SmartDeviceServer in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to read arbitrary files on the server.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
ivanti | avalanche | 6.3.1 | |
ivanti | avalanche | 6.3.1.1507 | |
ivanti | avalanche | 6.3.2 | |
ivanti | avalanche | 6.3.2 | |
ivanti | avalanche | 6.3.2 | |
ivanti | avalanche | 6.3.2.3490 | |
ivanti | avalanche | 6.3.2.3490 | |
ivanti | avalanche | 6.3.3 | |
ivanti | avalanche | 6.3.3 | |
ivanti | avalanche | 6.3.3.101 | |
ivanti | avalanche | 6.3.3.101 | |
ivanti | avalanche | 6.3.4 | |
ivanti | avalanche | 6.3.4 | |
ivanti | avalanche | 6.3.4.153 | |
ivanti | avalanche | 6.4.0 | |
ivanti | avalanche | 6.4.1 | |
ivanti | avalanche | 6.4.1 | |
ivanti | avalanche | 6.4.1.207 | |
ivanti | avalanche | 6.4.1.236 | |
ivanti | avalanche | 6.4.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.1:*:*:*:premise:*:*:*", "matchCriteriaId": "6060540C-A977-4E2A-8E1B-41CC3C3E92ED", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.1.1507:*:*:*:premise:*:*:*", "matchCriteriaId": "771C1447-6F5E-45DE-BDE6-8FFBB4708D67", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "778D9C09-12BB-47FC-B74B-DC114AE3A540", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.2:*:*:*:*:windows:*:*", "matchCriteriaId": "617DA85C-5FCE-4650-99AA-A1052E690B2C", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.2:*:*:*:premise:*:*:*", "matchCriteriaId": "44ABD265-3F8F-415A-96B3-16975661CDEB", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.2.3490:*:*:*:*:*:*:*", "matchCriteriaId": "CF93250C-0754-4B87-9BBE-DDF255EEB157", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.2.3490:*:*:*:premise:*:*:*", "matchCriteriaId": "521CD0B6-8348-41D6-8AD8-79F884F4F10F", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "3162335B-9FA4-4AC3-85F0-BD34F859EDFB", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.3:*:*:*:premise:*:*:*", "matchCriteriaId": "03E7F6CA-8A72-4A3E-A281-2A7653162FB3", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.3.101:*:*:*:*:*:*:*", "matchCriteriaId": "E2AB421E-C976-4CFF-93F9-40354CB579C5", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.3.101:*:*:*:premise:*:*:*", "matchCriteriaId": "4C581973-06B3-4E16-B37C-41FE7B4388CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "FE9E1AF8-A8ED-4E49-B25F-E27AD4B61E7D", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.4:*:*:*:premise:*:*:*", "matchCriteriaId": "3CC6AA75-22CD-4588-A1F9-574D7E7698CF", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.4.153:*:*:*:premise:*:*:*", "matchCriteriaId": "F5A7D50A-DD35-40B6-B4AD-8703DB016E90", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "1196CC8F-4D46-4258-9997-1C7E9954A8D6", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "DF9D82B4-4AF6-4E14-AACE-56982D4F8969", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.4.1:*:*:*:premise:*:*:*", "matchCriteriaId": "5FA149E2-AF10-4D3A-9F6C-8AF74110DEF8", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.4.1.207:*:*:*:premise:*:*:*", "matchCriteriaId": "CC521F86-4E3F-4217-836D-235B1D9E8876", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.4.1.236:*:*:*:premise:*:*:*", "matchCriteriaId": "45AA1E4F-2B38-42A3-A99C-F7ED17067E00", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.4.2:*:*:*:premise:*:*:*", "matchCriteriaId": "78794BF3-682E-4256-92DA-D669BF78A297", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "XXE in SmartDeviceServer in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to read arbitrary files on the server." }, { "lang": "es", "value": "XXE en SmartDeviceServer en Ivanti Avalanche 6.3.1 permite que un atacante remoto no autenticado lea archivos arbitrarios en el servidor." } ], "id": "CVE-2024-38653", "lastModified": "2024-08-15T17:32:57.587", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 4.2, "source": "support@hackerone.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-08-14T03:15:05.200", "references": [ { "source": "support@hackerone.com", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Avalanche-6-4-4-CVE-2024-38652-CVE-2024-38653-CVE-2024-36136-CVE-2024-37399-CVE-2024-37373" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-611" } ], "source": "nvd@nist.gov", "type": "Primary" }, { "description": [ { "lang": "en", "value": "CWE-611" } ], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }
Vulnerability from fkie_nvd
Published
2024-10-08 17:15
Modified
2024-10-16 13:28
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
Path Traversal in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to leak sensitive information
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:premise:*:*:*", "matchCriteriaId": "E80B784E-D10B-4D20-9D63-CBD3E3CF1868", "versionEndExcluding": "6.4.5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Path Traversal in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to leak sensitive information" }, { "lang": "es", "value": "Path Traversal en Ivanti Avalanche antes de la versi\u00f3n 6.4.5 permite que un atacante remoto no autenticado filtre informaci\u00f3n confidencial" } ], "id": "CVE-2024-47011", "lastModified": "2024-10-16T13:28:40.480", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-10-08T17:15:55.533", "references": [ { "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Ivanti-Avalanche-6-4-5-Security-Advisory" } ], "sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-22" } ], "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-22" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2020-04-28 22:15
Modified
2024-11-21 04:59
Severity ?
Summary
Ivanti Avalanche 6.3 allows a SQL injection that is vaguely associated with the Apache HTTP Server, aka Bug 683250.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "1B5ECF07-B6E2-475D-A015-216663C0EDFE", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Ivanti Avalanche 6.3 allows a SQL injection that is vaguely associated with the Apache HTTP Server, aka Bug 683250." }, { "lang": "es", "value": "Ivanti Avalanche versi\u00f3n 6.3, permite una inyecci\u00f3n SQL que est\u00e1 vagamente asociada con el Servidor Apache HTTP, tambi\u00e9n se conoce como Bug 683250." } ], "id": "CVE-2020-12442", "lastModified": "2024-11-21T04:59:43.567", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2020-04-28T22:15:12.983", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/SQL-Injection-Vulnerability-in-Avalanche" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/SQL-Injection-Vulnerability-in-Avalanche" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-12-19 16:15
Modified
2024-11-21 08:28
Severity ?
Summary
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
References
▼ | URL | Tags | |
---|---|---|---|
support@hackerone.com | https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt | Release Notes, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt | Release Notes, Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:premise:*:*:*", "matchCriteriaId": "024C02F7-995E-4235-8900-A9673F050E72", "versionEndExcluding": "6.4.2", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution." }, { "lang": "es", "value": "Un atacante que env\u00eda paquetes de datos especialmente manipulados a Mobile Device Server puede provocar da\u00f1os en la memoria, lo que podr\u00eda provocar una denegaci\u00f3n de servicio (DoS) o la ejecuci\u00f3n de c\u00f3digo." } ], "id": "CVE-2023-46223", "lastModified": "2024-11-21T08:28:06.390", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "support@hackerone.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-12-19T16:15:09.957", "references": [ { "source": "support@hackerone.com", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" }, { "description": [ { "lang": "en", "value": "CWE-121" } ], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }
Vulnerability from fkie_nvd
Published
2021-12-07 14:15
Modified
2024-11-21 06:27
Severity ?
Summary
A deserialization of untrusted data vulnerability exists in Ivanti Avalanche before 6.3.3 using Inforail Service allows arbitrary code execution via Data Repository Service.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*", "matchCriteriaId": "F9A93D88-E04B-4225-8D57-E0DF1395E6BD", "versionEndExcluding": "6.3.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A deserialization of untrusted data vulnerability exists in Ivanti Avalanche before 6.3.3 using Inforail Service allows arbitrary code execution via Data Repository Service." }, { "lang": "es", "value": "Se presenta una vulnerabilidad de deserializaci\u00f3n de datos no confiables en Ivanti Avalanche versiones anteriores a 6.3.3 usando el Servicio inforail que permite una ejecuci\u00f3n de c\u00f3digo arbitrario por medio del Servicio de Repositorio de Datos" } ], "id": "CVE-2021-42127", "lastModified": "2024-11-21T06:27:19.040", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-12-07T14:15:09.250", "references": [ { "source": "support@hackerone.com", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Security-Alert-CVE-s-Addressed-in-Avalanche-6-3-3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Security-Alert-CVE-s-Addressed-in-Avalanche-6-3-3" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-502" } ], "source": "support@hackerone.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-502" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-12-07 14:15
Modified
2024-11-21 06:27
Severity ?
Summary
A command injection vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform arbitrary command execution.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*", "matchCriteriaId": "F9A93D88-E04B-4225-8D57-E0DF1395E6BD", "versionEndExcluding": "6.3.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A command injection vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform arbitrary command execution." }, { "lang": "es", "value": "Se presenta una vulnerabilidad de inyecci\u00f3n de comandos en Ivanti Avalanche versiones anteriores a 6.3.3, que permite a un atacante con acceso al Servicio Inforail llevar a cabo una ejecuci\u00f3n de comandos arbitrarios" } ], "id": "CVE-2021-42129", "lastModified": "2024-11-21T06:27:19.270", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-12-07T14:15:09.353", "references": [ { "source": "support@hackerone.com", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Security-Alert-CVE-s-Addressed-in-Avalanche-6-3-3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Security-Alert-CVE-s-Addressed-in-Avalanche-6-3-3" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-77" } ], "source": "support@hackerone.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-77" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-12-19 16:15
Modified
2024-11-21 08:28
Severity ?
Summary
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
References
▼ | URL | Tags | |
---|---|---|---|
support@hackerone.com | https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt | Release Notes, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt | Release Notes, Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:premise:*:*:*", "matchCriteriaId": "024C02F7-995E-4235-8900-A9673F050E72", "versionEndExcluding": "6.4.2", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution." }, { "lang": "es", "value": "Un atacante que env\u00eda paquetes de datos especialmente manipulados a Mobile Device Server puede provocar da\u00f1os en la memoria, lo que podr\u00eda provocar una denegaci\u00f3n de servicio (DoS) o la ejecuci\u00f3n de c\u00f3digo." } ], "id": "CVE-2023-46259", "lastModified": "2024-11-21T08:28:11.430", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "support@hackerone.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-12-19T16:15:10.720", "references": [ { "source": "support@hackerone.com", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-03-29 19:15
Modified
2024-11-21 07:14
Severity ?
Summary
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the Web File Server service. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-15330.
References
▼ | URL | Tags | |
---|---|---|---|
zdi-disclosures@trendmicro.com | https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt | Release Notes | |
zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-22-779/ | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt | Release Notes | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-22-779/ | Third Party Advisory, VDB Entry |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*", "matchCriteriaId": "15814CD7-C562-4360-8E57-354E1D275F92", "versionEndExcluding": "6.3.4", "versionStartIncluding": "6.3.2.3490", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the Web File Server service. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-15330." } ], "id": "CVE-2022-36974", "lastModified": "2024-11-21T07:14:11.473", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "zdi-disclosures@trendmicro.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-03-29T19:15:12.127", "references": [ { "source": "zdi-disclosures@trendmicro.com", "tags": [ "Release Notes" ], "url": "https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt" }, { "source": "zdi-disclosures@trendmicro.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-779/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes" ], "url": "https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-779/" } ], "sourceIdentifier": "zdi-disclosures@trendmicro.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-502" } ], "source": "zdi-disclosures@trendmicro.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-12-07 14:15
Modified
2024-11-21 06:27
Severity ?
Summary
An exposed dangerous function vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform an arbitrary file write.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*", "matchCriteriaId": "F9A93D88-E04B-4225-8D57-E0DF1395E6BD", "versionEndExcluding": "6.3.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An exposed dangerous function vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform an arbitrary file write." }, { "lang": "es", "value": "Se presenta una vulnerabilidad de funci\u00f3n peligrosa expuesta en Ivanti Avalanche versiones anteriores a 6.3.3, que permite a un atacante con acceso al servicio Inforail llevar a cabo una escritura de archivo arbitraria" } ], "id": "CVE-2021-42133", "lastModified": "2024-11-21T06:27:19.740", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 5.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-12-07T14:15:09.553", "references": [ { "source": "support@hackerone.com", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Security-Alert-CVE-s-Addressed-in-Avalanche-6-3-3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Security-Alert-CVE-s-Addressed-in-Avalanche-6-3-3" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-434" } ], "source": "support@hackerone.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-829" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2025-01-14 17:15
Modified
2025-01-16 21:01
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker to leak sensitive information. This CVE addresses incomplete fixes from CVE-2024-47011.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*", "matchCriteriaId": "334F025B-A8DF-42A0-B55C-936D055FFD59", "versionEndExcluding": "6.4.7", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker to leak sensitive information. This CVE addresses incomplete fixes from CVE-2024-47011." }, { "lang": "es", "value": "Path Traversal en Ivanti Avalanche anterior a la versi\u00f3n 6.4.7 permite que un atacante remoto no autenticado filtre informaci\u00f3n confidencial. Esta CVE aborda correcciones incompletas de CVE-2024-47011." } ], "id": "CVE-2024-13180", "lastModified": "2025-01-16T21:01:52.650", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2025-01-14T17:15:14.287", "references": [ { "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Avalanche-6-4-7-Multiple-CVEs" } ], "sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-22" } ], "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-08-10 19:15
Modified
2024-11-21 08:03
Severity ?
Summary
Ivanti Avalanche decodeToMap XML External Entity Processing. Fixed in version 6.4.1.236
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*", "matchCriteriaId": "E1BB2A71-2815-4982-825E-3546E2A7FE83", "versionEndExcluding": "6.4.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Ivanti Avalanche decodeToMap XML External Entity Processing. Fixed in version 6.4.1.236" } ], "id": "CVE-2023-32567", "lastModified": "2024-11-21T08:03:37.007", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 2.5, "source": "support@hackerone.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-08-10T19:15:09.663", "references": [ { "source": "support@hackerone.com", "url": "https://download.wavelink.com/Files/avalanche_v6.4.1.236_release_notes.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://download.wavelink.com/Files/avalanche_v6.4.1.236_release_notes.txt" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-611" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-12-07 14:15
Modified
2024-11-21 06:27
Severity ?
Summary
A deserialization of untrusted data vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform arbitrary code execution.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*", "matchCriteriaId": "F9A93D88-E04B-4225-8D57-E0DF1395E6BD", "versionEndExcluding": "6.3.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A deserialization of untrusted data vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform arbitrary code execution." }, { "lang": "es", "value": "Se presenta una vulnerabilidad de deserializaci\u00f3n de datos no confiables en Ivanti Avalanche versiones anteriores a 6.3.3, que permite a un atacante con acceso al Servicio Inforail llevar a cabo la ejecuci\u00f3n de c\u00f3digo arbitrario" } ], "id": "CVE-2021-42130", "lastModified": "2024-11-21T06:27:19.387", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-12-07T14:15:09.403", "references": [ { "source": "support@hackerone.com", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Security-Alert-CVE-s-Addressed-in-Avalanche-6-3-3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Security-Alert-CVE-s-Addressed-in-Avalanche-6-3-3" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-502" } ], "source": "support@hackerone.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-502" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-12-07 14:15
Modified
2024-11-21 06:27
Severity ?
Summary
A SQL Injection vulnerability exists in Ivanti Avalance before 6.3.3 allows an attacker with access to the Inforail Service to perform privilege escalation.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*", "matchCriteriaId": "F9A93D88-E04B-4225-8D57-E0DF1395E6BD", "versionEndExcluding": "6.3.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A SQL Injection vulnerability exists in Ivanti Avalance before 6.3.3 allows an attacker with access to the Inforail Service to perform privilege escalation." }, { "lang": "es", "value": "Se presenta una vulnerabilidad de inyecci\u00f3n SQL en Ivanti Avalance versiones anteriores a 6.3.3, que permite a un atacante con acceso al servicio Inforail llevar a cabo una escalada de privilegios" } ], "id": "CVE-2021-42131", "lastModified": "2024-11-21T06:27:19.503", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-12-07T14:15:09.453", "references": [ { "source": "support@hackerone.com", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Security-Alert-CVE-s-Addressed-in-Avalanche-6-3-3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Security-Alert-CVE-s-Addressed-in-Avalanche-6-3-3" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "support@hackerone.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-03-29 19:15
Modified
2024-11-21 07:14
Severity ?
Summary
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the Notification Server service. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-15448.
References
▼ | URL | Tags | |
---|---|---|---|
zdi-disclosures@trendmicro.com | https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt | Release Notes | |
zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-22-783/ | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt | Release Notes | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-22-783/ | Third Party Advisory, VDB Entry |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*", "matchCriteriaId": "15814CD7-C562-4360-8E57-354E1D275F92", "versionEndExcluding": "6.3.4", "versionStartIncluding": "6.3.2.3490", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the Notification Server service. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-15448." } ], "id": "CVE-2022-36978", "lastModified": "2024-11-21T07:14:11.963", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "zdi-disclosures@trendmicro.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-03-29T19:15:12.377", "references": [ { "source": "zdi-disclosures@trendmicro.com", "tags": [ "Release Notes" ], "url": "https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt" }, { "source": "zdi-disclosures@trendmicro.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-783/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes" ], "url": "https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-783/" } ], "sourceIdentifier": "zdi-disclosures@trendmicro.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-502" } ], "source": "zdi-disclosures@trendmicro.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-03-29 19:15
Modified
2024-11-21 07:14
Severity ?
Summary
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.3.101. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the DeviceLogResource class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-15966.
References
▼ | URL | Tags | |
---|---|---|---|
zdi-disclosures@trendmicro.com | https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt | Release Notes | |
zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-22-786/ | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt | Release Notes | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-22-786/ | Third Party Advisory, VDB Entry |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*", "matchCriteriaId": "5D64C108-BA2C-4BA2-95C7-7571201D5965", "versionEndExcluding": "6.3.4", "versionStartIncluding": "6.3.3.101", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.3.101. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the DeviceLogResource class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-15966." } ], "id": "CVE-2022-36981", "lastModified": "2024-11-21T07:14:12.343", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "zdi-disclosures@trendmicro.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-03-29T19:15:12.627", "references": [ { "source": "zdi-disclosures@trendmicro.com", "tags": [ "Release Notes" ], "url": "https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt" }, { "source": "zdi-disclosures@trendmicro.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-786/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes" ], "url": "https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-786/" } ], "sourceIdentifier": "zdi-disclosures@trendmicro.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-22" } ], "source": "zdi-disclosures@trendmicro.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-08-10 20:15
Modified
2024-11-21 08:03
Severity ?
Summary
An attacker can send a specially crafted request which could lead to leakage of sensitive data or potentially a resource-based DoS attack. Fixed in version 6.4.1.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*", "matchCriteriaId": "E1BB2A71-2815-4982-825E-3546E2A7FE83", "versionEndExcluding": "6.4.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An attacker can send a specially crafted request which could lead to leakage of sensitive data or potentially a resource-based DoS attack. Fixed in version 6.4.1." } ], "id": "CVE-2023-32565", "lastModified": "2024-11-21T08:03:36.767", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 3.4, "source": "support@hackerone.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-08-10T20:15:10.577", "references": [ { "source": "support@hackerone.com", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Avalanche-Vulnerabilities-Addressed-in-6-4-1?language=en_US" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Avalanche-Vulnerabilities-Addressed-in-6-4-1?language=en_US" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-03-10 22:15
Modified
2024-11-21 07:28
Severity ?
Summary
An improper authentication vulnerability exists in Avalanche version 6.3.x and below allows unauthenticated attacker to modify properties on specific port.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*", "matchCriteriaId": "CF5697AA-15D9-4B2F-B6D3-03A4B23A8EE9", "versionEndExcluding": "6.4.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An improper authentication vulnerability exists in Avalanche version 6.3.x and below allows unauthenticated attacker to modify properties on specific port." } ], "id": "CVE-2022-44574", "lastModified": "2024-11-21T07:28:09.293", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-03-10T22:15:10.210", "references": [ { "source": "support@hackerone.com", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Avalanche-ZDI-CAN-19513-Security-Advisory?language=en_US" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Avalanche-ZDI-CAN-19513-Security-Advisory?language=en_US" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-287" } ], "source": "support@hackerone.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-287" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-12-19 16:15
Modified
2024-11-21 08:28
Severity ?
Summary
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
References
▼ | URL | Tags | |
---|---|---|---|
support@hackerone.com | https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt | Release Notes, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt | Release Notes, Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:premise:*:*:*", "matchCriteriaId": "024C02F7-995E-4235-8900-A9673F050E72", "versionEndExcluding": "6.4.2", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution." }, { "lang": "es", "value": "Un atacante que env\u00eda paquetes de datos especialmente manipulados a Mobile Device Server puede provocar da\u00f1os en la memoria, lo que podr\u00eda provocar una denegaci\u00f3n de servicio (DoS) o la ejecuci\u00f3n de c\u00f3digo." } ], "id": "CVE-2023-46258", "lastModified": "2024-11-21T08:28:11.303", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "support@hackerone.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-12-19T16:15:10.570", "references": [ { "source": "support@hackerone.com", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-05-09 22:15
Modified
2024-11-21 07:54
Severity ?
Summary
An improper authentication vulnerability exists in Avalanche Premise versions 6.3.x and below that could allow an attacker to gain access to the server by registering to receive messages from the server and perform an authentication bypass.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:premise:*:*:*", "matchCriteriaId": "C3876E48-AE63-449B-AE68-14A238F2F867", "versionEndIncluding": "6.3.4.153", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An improper authentication vulnerability exists in Avalanche Premise versions 6.3.x and below that could allow an attacker to gain access to the server by registering to receive messages from the server and perform an authentication bypass." } ], "id": "CVE-2023-28125", "lastModified": "2024-11-21T07:54:27.287", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-05-09T22:15:09.720", "references": [ { "source": "support@hackerone.com", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/ZDI-CAN-17729-CVE-2023-28125-Bug-958437-ZDI-CAN-17729-Ivanti-Avalanche-InfoRail-Authentication-Bypass-Vulnerability?language=en_US" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/ZDI-CAN-17729-CVE-2023-28125-Bug-958437-ZDI-CAN-17729-Ivanti-Avalanche-InfoRail-Authentication-Bypass-Vulnerability?language=en_US" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-287" } ], "source": "support@hackerone.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-362" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-12-19 16:15
Modified
2024-11-21 08:28
Severity ?
Summary
An unauthenticated attacked could send a specifically crafted web request causing a Server-Side Request Forgery (SSRF) in Ivanti Avalanche Remote Control server.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*", "matchCriteriaId": "8B2EB4E0-35D0-45BF-B70F-DDA92C7B567E", "versionEndIncluding": "6.4.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An unauthenticated attacked could send a specifically crafted web request causing a Server-Side Request Forgery (SSRF) in Ivanti Avalanche Remote Control server." }, { "lang": "es", "value": "Un ataque no autenticado podr\u00eda enviar una solicitud web espec\u00edficamente manipulada provocando Server-Side Request Forgery (SSRF) en el servidor de Ivanti Avalanche Remote Control." } ], "id": "CVE-2023-46262", "lastModified": "2024-11-21T08:28:11.800", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "support@hackerone.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-12-19T16:15:11.190", "references": [ { "source": "support@hackerone.com", "tags": [ "Release Notes" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-918" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2024-10-08 17:15
Modified
2024-10-16 13:26
Severity ?
7.3 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Path Traversal in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to bypass authentication.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:premise:*:*:*", "matchCriteriaId": "E80B784E-D10B-4D20-9D63-CBD3E3CF1868", "versionEndExcluding": "6.4.5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Path Traversal in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to bypass authentication." }, { "lang": "es", "value": "Path Traversal en Ivanti Avalanche anterior a la versi\u00f3n 6.4.5 permite que un atacante remoto no autenticado evite la autenticaci\u00f3n." } ], "id": "CVE-2024-47009", "lastModified": "2024-10-16T13:26:39.990", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.4, "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-10-08T17:15:54.777", "references": [ { "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Ivanti-Avalanche-6-4-5-Security-Advisory" } ], "sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-22" }, { "lang": "en", "value": "CWE-288" } ], "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-22" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2024-08-14 03:15
Modified
2024-08-15 17:31
Severity ?
Summary
A NULL pointer dereference in WLAvalancheService in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to crash the service, resulting in a DoS.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
ivanti | avalanche | 6.3.1 | |
ivanti | avalanche | 6.3.1.1507 | |
ivanti | avalanche | 6.3.2 | |
ivanti | avalanche | 6.3.2 | |
ivanti | avalanche | 6.3.2 | |
ivanti | avalanche | 6.3.2.3490 | |
ivanti | avalanche | 6.3.2.3490 | |
ivanti | avalanche | 6.3.3 | |
ivanti | avalanche | 6.3.3 | |
ivanti | avalanche | 6.3.3.101 | |
ivanti | avalanche | 6.3.3.101 | |
ivanti | avalanche | 6.3.4 | |
ivanti | avalanche | 6.3.4 | |
ivanti | avalanche | 6.3.4.153 | |
ivanti | avalanche | 6.4.0 | |
ivanti | avalanche | 6.4.1 | |
ivanti | avalanche | 6.4.1 | |
ivanti | avalanche | 6.4.1.207 | |
ivanti | avalanche | 6.4.1.236 | |
ivanti | avalanche | 6.4.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.1:*:*:*:premise:*:*:*", "matchCriteriaId": "6060540C-A977-4E2A-8E1B-41CC3C3E92ED", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.1.1507:*:*:*:premise:*:*:*", "matchCriteriaId": "771C1447-6F5E-45DE-BDE6-8FFBB4708D67", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "778D9C09-12BB-47FC-B74B-DC114AE3A540", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.2:*:*:*:*:windows:*:*", "matchCriteriaId": "617DA85C-5FCE-4650-99AA-A1052E690B2C", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.2:*:*:*:premise:*:*:*", "matchCriteriaId": "44ABD265-3F8F-415A-96B3-16975661CDEB", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.2.3490:*:*:*:*:*:*:*", "matchCriteriaId": "CF93250C-0754-4B87-9BBE-DDF255EEB157", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.2.3490:*:*:*:premise:*:*:*", "matchCriteriaId": "521CD0B6-8348-41D6-8AD8-79F884F4F10F", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "3162335B-9FA4-4AC3-85F0-BD34F859EDFB", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.3:*:*:*:premise:*:*:*", "matchCriteriaId": "03E7F6CA-8A72-4A3E-A281-2A7653162FB3", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.3.101:*:*:*:*:*:*:*", "matchCriteriaId": "E2AB421E-C976-4CFF-93F9-40354CB579C5", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.3.101:*:*:*:premise:*:*:*", "matchCriteriaId": "4C581973-06B3-4E16-B37C-41FE7B4388CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "FE9E1AF8-A8ED-4E49-B25F-E27AD4B61E7D", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.4:*:*:*:premise:*:*:*", "matchCriteriaId": "3CC6AA75-22CD-4588-A1F9-574D7E7698CF", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.4.153:*:*:*:premise:*:*:*", "matchCriteriaId": "F5A7D50A-DD35-40B6-B4AD-8703DB016E90", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "1196CC8F-4D46-4258-9997-1C7E9954A8D6", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "DF9D82B4-4AF6-4E14-AACE-56982D4F8969", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.4.1:*:*:*:premise:*:*:*", "matchCriteriaId": "5FA149E2-AF10-4D3A-9F6C-8AF74110DEF8", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.4.1.207:*:*:*:premise:*:*:*", "matchCriteriaId": "CC521F86-4E3F-4217-836D-235B1D9E8876", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.4.1.236:*:*:*:premise:*:*:*", "matchCriteriaId": "45AA1E4F-2B38-42A3-A99C-F7ED17067E00", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.4.2:*:*:*:premise:*:*:*", "matchCriteriaId": "78794BF3-682E-4256-92DA-D669BF78A297", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A NULL pointer dereference in WLAvalancheService in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to crash the service, resulting in a DoS." }, { "lang": "es", "value": "Una desreferencia de puntero NULL en WLAvalancheService en Ivanti Avalanche 6.3.1 permite que un atacante remoto no autenticado bloquee el servicio, lo que resulta en un DoS." } ], "id": "CVE-2024-37399", "lastModified": "2024-08-15T17:31:49.067", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "support@hackerone.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-08-14T03:15:04.850", "references": [ { "source": "support@hackerone.com", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Avalanche-6-4-4-CVE-2024-38652-CVE-2024-38653-CVE-2024-36136-CVE-2024-37399-CVE-2024-37373" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-476" } ], "source": "nvd@nist.gov", "type": "Primary" }, { "description": [ { "lang": "en", "value": "CWE-476" } ], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }
Vulnerability from fkie_nvd
Published
2024-11-12 16:15
Modified
2024-11-18 15:06
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
An infinite loop in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to cause a denial of service.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:premise:*:*:*", "matchCriteriaId": "8BF6AFA9-1E31-410B-BCC3-83F137769FC2", "versionEndExcluding": "6.4.6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An infinite loop in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to cause a denial of service." }, { "lang": "es", "value": "Un bucle infinito en Ivanti Avalanche anterior a 6.4.6 permite que un atacante remoto no autenticado provoque una denegaci\u00f3n de servicio." } ], "id": "CVE-2024-50320", "lastModified": "2024-11-18T15:06:28.707", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-11-12T16:15:23.910", "references": [ { "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Avalanche-Multiple-CVEs-Q4-2024-Release" } ], "sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-835" } ], "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-835" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-08-10 20:15
Modified
2024-11-21 08:03
Severity ?
Summary
An unauthenticated attacker could achieve the code execution through a RemoteControl server.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*", "matchCriteriaId": "E1BB2A71-2815-4982-825E-3546E2A7FE83", "versionEndExcluding": "6.4.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An unauthenticated attacker could achieve the code execution through a RemoteControl server." } ], "id": "CVE-2023-32563", "lastModified": "2024-11-21T08:03:36.527", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "support@hackerone.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-08-10T20:15:10.437", "references": [ { "source": "support@hackerone.com", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Avalanche-Vulnerabilities-Addressed-in-6-4-1?language=en_US" }, { "source": "support@hackerone.com", "url": "https://twitter.com/wvuuuuuuuuuuuuu/status/1694956245742923939" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Avalanche-Vulnerabilities-Addressed-in-6-4-1?language=en_US" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://twitter.com/wvuuuuuuuuuuuuu/status/1694956245742923939" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-22" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-03-29 19:15
Modified
2024-11-21 07:14
Severity ?
Summary
This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the EnterpriseServer service. The issue results from the lack of proper locking when performing operations during authentication. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-15528.
References
▼ | URL | Tags | |
---|---|---|---|
zdi-disclosures@trendmicro.com | https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt | Release Notes | |
zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-22-785/ | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt | Release Notes | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-22-785/ | Third Party Advisory, VDB Entry |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*", "matchCriteriaId": "15814CD7-C562-4360-8E57-354E1D275F92", "versionEndExcluding": "6.3.4", "versionStartIncluding": "6.3.2.3490", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the EnterpriseServer service. The issue results from the lack of proper locking when performing operations during authentication. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-15528." } ], "id": "CVE-2022-36980", "lastModified": "2024-11-21T07:14:12.213", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.4, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.5, "source": "zdi-disclosures@trendmicro.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-03-29T19:15:12.540", "references": [ { "source": "zdi-disclosures@trendmicro.com", "tags": [ "Release Notes" ], "url": "https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt" }, { "source": "zdi-disclosures@trendmicro.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-785/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes" ], "url": "https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-785/" } ], "sourceIdentifier": "zdi-disclosures@trendmicro.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-367" } ], "source": "zdi-disclosures@trendmicro.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-367" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2024-10-08 17:15
Modified
2024-10-16 13:28
Severity ?
7.3 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Path Traversal in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to bypass authentication.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:premise:*:*:*", "matchCriteriaId": "E80B784E-D10B-4D20-9D63-CBD3E3CF1868", "versionEndExcluding": "6.4.5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Path Traversal in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to bypass authentication." }, { "lang": "es", "value": "Path Traversal en Ivanti Avalanche anterior a la versi\u00f3n 6.4.5 permite que un atacante remoto no autenticado evite la autenticaci\u00f3n." } ], "id": "CVE-2024-47010", "lastModified": "2024-10-16T13:28:07.393", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.4, "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-10-08T17:15:55.240", "references": [ { "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Ivanti-Avalanche-6-4-5-Security-Advisory" } ], "sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-22" }, { "lang": "en", "value": "CWE-288" } ], "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-22" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-12-19 16:15
Modified
2024-11-21 08:28
Severity ?
Summary
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
References
▼ | URL | Tags | |
---|---|---|---|
support@hackerone.com | https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt | Release Notes, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt | Release Notes, Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:premise:*:*:*", "matchCriteriaId": "024C02F7-995E-4235-8900-A9673F050E72", "versionEndExcluding": "6.4.2", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution." }, { "lang": "es", "value": "Un atacante que env\u00eda paquetes de datos especialmente manipulados a Mobile Device Server puede provocar da\u00f1os en la memoria, lo que podr\u00eda provocar una denegaci\u00f3n de servicio (DoS) o la ejecuci\u00f3n de c\u00f3digo." } ], "id": "CVE-2023-46220", "lastModified": "2024-11-21T08:28:06.000", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "support@hackerone.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-12-19T16:15:09.497", "references": [ { "source": "support@hackerone.com", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2024-10-08 17:15
Modified
2024-10-16 13:23
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A NULL pointer dereference in WLAvalancheService.exe of Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to cause a denial of service.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:premise:*:*:*", "matchCriteriaId": "E80B784E-D10B-4D20-9D63-CBD3E3CF1868", "versionEndExcluding": "6.4.5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A NULL pointer dereference in WLAvalancheService.exe of Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to cause a denial of service." }, { "lang": "es", "value": "Una desreferencia de puntero NULL en WLAvalancheService.exe de Ivanti Avalanche anterior a la versi\u00f3n 6.4.5 permite que un atacante remoto no autenticado provoque una denegaci\u00f3n de servicio." } ], "id": "CVE-2024-47007", "lastModified": "2024-10-16T13:23:03.467", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-10-08T17:15:54.210", "references": [ { "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Ivanti-Avalanche-6-4-5-Security-Advisory" } ], "sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-476" } ], "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-476" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-11-03 20:15
Modified
2024-11-21 08:21
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Ivanti Avalanche Incorrect Default Permissions allows Local Privilege Escalation Vulnerability
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:premise:*:*:*", "matchCriteriaId": "C9C00C8A-E00C-4C25-A623-24390C27ACE3", "versionEndExcluding": "6.4.1.236", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Ivanti Avalanche Incorrect Default Permissions allows Local Privilege Escalation Vulnerability" }, { "lang": "es", "value": "Los permisos predeterminados incorrectos de Ivanti Avalanche permiten una vulnerabilidad de escalada de privilegios locales" } ], "id": "CVE-2023-41726", "lastModified": "2024-11-21T08:21:33.400", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "support@hackerone.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }, "published": "2023-11-03T20:15:09.143", "references": [ { "source": "support@hackerone.com", "tags": [ "Release Notes" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.1.236_release_notes.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.1.236_release_notes.txt" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-276" } ], "source": "nvd@nist.gov", "type": "Primary" }, { "description": [ { "lang": "en", "value": "CWE-276" } ], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }
Vulnerability from fkie_nvd
Published
2023-12-19 16:15
Modified
2024-11-21 08:28
Severity ?
Summary
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
References
▼ | URL | Tags | |
---|---|---|---|
support@hackerone.com | https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt | Release Notes, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt | Release Notes, Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:premise:*:*:*", "matchCriteriaId": "024C02F7-995E-4235-8900-A9673F050E72", "versionEndExcluding": "6.4.2", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution." }, { "lang": "es", "value": "Un atacante que env\u00eda paquetes de datos especialmente manipulados a Mobile Device Server puede provocar da\u00f1os en la memoria, lo que podr\u00eda provocar una denegaci\u00f3n de servicio (DoS) o la ejecuci\u00f3n de c\u00f3digo." } ], "id": "CVE-2023-46257", "lastModified": "2024-11-21T08:28:11.180", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "support@hackerone.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-12-19T16:15:10.413", "references": [ { "source": "support@hackerone.com", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-03-29 19:15
Modified
2024-11-21 07:14
Severity ?
Summary
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the JwtTokenUtility class. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-15301.
References
▼ | URL | Tags | |
---|---|---|---|
zdi-disclosures@trendmicro.com | https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt | Release Notes | |
zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-22-776/ | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt | Release Notes | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-22-776/ | Third Party Advisory, VDB Entry |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*", "matchCriteriaId": "15814CD7-C562-4360-8E57-354E1D275F92", "versionEndExcluding": "6.3.4", "versionStartIncluding": "6.3.2.3490", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the JwtTokenUtility class. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-15301." } ], "id": "CVE-2022-36971", "lastModified": "2024-11-21T07:14:11.087", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "zdi-disclosures@trendmicro.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-03-29T19:15:11.897", "references": [ { "source": "zdi-disclosures@trendmicro.com", "tags": [ "Release Notes" ], "url": "https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt" }, { "source": "zdi-disclosures@trendmicro.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-776/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes" ], "url": "https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-776/" } ], "sourceIdentifier": "zdi-disclosures@trendmicro.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-502" } ], "source": "zdi-disclosures@trendmicro.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-502" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-03-29 19:15
Modified
2024-11-21 07:14
Severity ?
Summary
This vulnerability allows remote attackers to read arbitrary files on affected installations of Ivanti Avalanche 6.3.3.101. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the AgentTaskHandler class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose stored session cookies, leading to further compromise. Was ZDI-CAN-15967.
References
▼ | URL | Tags | |
---|---|---|---|
zdi-disclosures@trendmicro.com | https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt | Release Notes | |
zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-22-787/ | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt | Release Notes | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-22-787/ | Third Party Advisory, VDB Entry |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*", "matchCriteriaId": "5D64C108-BA2C-4BA2-95C7-7571201D5965", "versionEndExcluding": "6.3.4", "versionStartIncluding": "6.3.3.101", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "This vulnerability allows remote attackers to read arbitrary files on affected installations of Ivanti Avalanche 6.3.3.101. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the AgentTaskHandler class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose stored session cookies, leading to further compromise. Was ZDI-CAN-15967." } ], "id": "CVE-2022-36982", "lastModified": "2024-11-21T07:14:12.470", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "zdi-disclosures@trendmicro.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-03-29T19:15:12.700", "references": [ { "source": "zdi-disclosures@trendmicro.com", "tags": [ "Release Notes" ], "url": "https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt" }, { "source": "zdi-disclosures@trendmicro.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-787/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes" ], "url": "https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-787/" } ], "sourceIdentifier": "zdi-disclosures@trendmicro.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-22" } ], "source": "zdi-disclosures@trendmicro.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-05-09 22:15
Modified
2024-11-21 07:54
Severity ?
Summary
An authentication bypass vulnerability exists in Avalanche versions 6.3.x and below that could allow an attacker to gain access by exploiting the SetUser method or can exploit the Race Condition in the authentication message.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:premise:*:*:*", "matchCriteriaId": "C3876E48-AE63-449B-AE68-14A238F2F867", "versionEndIncluding": "6.3.4.153", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An authentication bypass vulnerability exists in Avalanche versions 6.3.x and below that could allow an attacker to gain access by exploiting the SetUser method or can exploit the Race Condition in the authentication message." } ], "id": "CVE-2023-28126", "lastModified": "2024-11-21T07:54:27.410", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-05-09T22:15:09.813", "references": [ { "source": "support@hackerone.com", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/ZDI-CAN-17750-Ivanti-Avalanche-EnterpriseServer-GetSettings-Exposed-Dangerous-Method-Authentication-Bypass-Vulnerability?language=en_US" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/ZDI-CAN-17750-Ivanti-Avalanche-EnterpriseServer-GetSettings-Exposed-Dangerous-Method-Authentication-Bypass-Vulnerability?language=en_US" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-305" } ], "source": "support@hackerone.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-362" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-03-29 19:15
Modified
2024-11-21 07:14
Severity ?
Summary
This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the AvalancheDaoSupport class. A crafted request can trigger execution of SQL queries composed from a user-supplied string. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-15493.
References
▼ | URL | Tags | |
---|---|---|---|
zdi-disclosures@trendmicro.com | https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt | Release Notes | |
zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-22-784/ | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt | Release Notes | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-22-784/ | Third Party Advisory, VDB Entry |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*", "matchCriteriaId": "15814CD7-C562-4360-8E57-354E1D275F92", "versionEndExcluding": "6.3.4", "versionStartIncluding": "6.3.2.3490", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the AvalancheDaoSupport class. A crafted request can trigger execution of SQL queries composed from a user-supplied string. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-15493." } ], "id": "CVE-2022-36979", "lastModified": "2024-11-21T07:14:12.087", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "zdi-disclosures@trendmicro.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-03-29T19:15:12.450", "references": [ { "source": "zdi-disclosures@trendmicro.com", "tags": [ "Release Notes" ], "url": "https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt" }, { "source": "zdi-disclosures@trendmicro.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-784/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes" ], "url": "https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-784/" } ], "sourceIdentifier": "zdi-disclosures@trendmicro.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "zdi-disclosures@trendmicro.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-12-19 16:15
Modified
2024-11-21 08:21
Severity ?
Summary
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
References
▼ | URL | Tags | |
---|---|---|---|
support@hackerone.com | https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt | Release Notes, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt | Release Notes, Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:premise:*:*:*", "matchCriteriaId": "024C02F7-995E-4235-8900-A9673F050E72", "versionEndExcluding": "6.4.2", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution." }, { "lang": "es", "value": "Un atacante que env\u00eda paquetes de datos especialmente manipulados a Mobile Device Server puede provocar da\u00f1os en la memoria, lo que podr\u00eda provocar una denegaci\u00f3n de servicio (DoS) o la ejecuci\u00f3n de c\u00f3digo." } ], "id": "CVE-2023-41727", "lastModified": "2024-11-21T08:21:33.617", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "support@hackerone.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-12-19T16:15:08.623", "references": [ { "source": "support@hackerone.com", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-12-19 16:15
Modified
2024-11-21 08:28
Severity ?
Summary
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
References
▼ | URL | Tags | |
---|---|---|---|
support@hackerone.com | https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt | Release Notes, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt | Release Notes, Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:premise:*:*:*", "matchCriteriaId": "024C02F7-995E-4235-8900-A9673F050E72", "versionEndExcluding": "6.4.2", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution." }, { "lang": "es", "value": "Un atacante que env\u00eda paquetes de datos especialmente manipulados a Mobile Device Server puede provocar da\u00f1os en la memoria, lo que podr\u00eda provocar una denegaci\u00f3n de servicio (DoS) o la ejecuci\u00f3n de c\u00f3digo." } ], "id": "CVE-2023-46222", "lastModified": "2024-11-21T08:28:06.253", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "support@hackerone.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-12-19T16:15:09.797", "references": [ { "source": "support@hackerone.com", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-12-19 16:15
Modified
2024-11-21 05:51
Severity ?
Summary
An attacker can send a specially crafted request which could lead to leakage of sensitive data or potentially a resource-based DoS attack.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:premise:*:*:*", "matchCriteriaId": "024C02F7-995E-4235-8900-A9673F050E72", "versionEndExcluding": "6.4.2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An attacker can send a specially crafted request which could lead to leakage of sensitive data or potentially a resource-based DoS attack." }, { "lang": "es", "value": "Un atacante puede enviar una solicitud especialmente manipulada que podr\u00eda provocar una fuga de datos confidenciales o potencialmente un ataque DoS basado en recursos." } ], "id": "CVE-2021-22962", "lastModified": "2024-11-21T05:51:01.747", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 3.4, "source": "support@hackerone.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-12-19T16:15:07.697", "references": [ { "source": "support@hackerone.com", "tags": [ "Release Notes" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-03-29 19:15
Modified
2024-11-21 07:14
Severity ?
Summary
This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490. The specific flaw exists within the ProfileDaoImpl class. A crafted request can trigger execution of SQL queries composed from a user-supplied string. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-15328.
References
▼ | URL | Tags | |
---|---|---|---|
zdi-disclosures@trendmicro.com | https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt | Release Notes | |
zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-22-777/ | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt | Release Notes | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-22-777/ | Third Party Advisory, VDB Entry |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*", "matchCriteriaId": "15814CD7-C562-4360-8E57-354E1D275F92", "versionEndExcluding": "6.3.4", "versionStartIncluding": "6.3.2.3490", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490. The specific flaw exists within the ProfileDaoImpl class. A crafted request can trigger execution of SQL queries composed from a user-supplied string. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-15328." } ], "id": "CVE-2022-36972", "lastModified": "2024-11-21T07:14:11.223", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "zdi-disclosures@trendmicro.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-03-29T19:15:11.990", "references": [ { "source": "zdi-disclosures@trendmicro.com", "tags": [ "Release Notes" ], "url": "https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt" }, { "source": "zdi-disclosures@trendmicro.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-777/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes" ], "url": "https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-777/" } ], "sourceIdentifier": "zdi-disclosures@trendmicro.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "zdi-disclosures@trendmicro.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2024-11-12 16:15
Modified
2024-11-18 15:06
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
An infinite loop in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to cause a denial of service.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:premise:*:*:*", "matchCriteriaId": "8BF6AFA9-1E31-410B-BCC3-83F137769FC2", "versionEndExcluding": "6.4.6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An infinite loop in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to cause a denial of service." }, { "lang": "es", "value": "Un bucle infinito en Ivanti Avalanche anterior a 6.4.6 permite que un atacante remoto no autenticado provoque una denegaci\u00f3n de servicio." } ], "id": "CVE-2024-50321", "lastModified": "2024-11-18T15:06:30.603", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-11-12T16:15:24.100", "references": [ { "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Avalanche-Multiple-CVEs-Q4-2024-Release" } ], "sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-835" } ], "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-835" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-12-19 16:15
Modified
2024-11-21 08:28
Severity ?
Summary
An attacker can send a specially crafted request which could lead to leakage of sensitive data or potentially a resource-based DoS attack.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:premise:*:*:*", "matchCriteriaId": "ED2ED2CC-25EB-4C3B-A97F-3C0865CEA9FF", "versionEndIncluding": "6.4.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An attacker can send a specially crafted request which could lead to leakage of sensitive data or potentially a resource-based DoS attack." }, { "lang": "es", "value": "Un atacante puede enviar una solicitud especialmente manipulada que podr\u00eda provocar una fuga de datos confidenciales o potencialmente un ataque DoS basado en recursos." } ], "id": "CVE-2023-46266", "lastModified": "2024-11-21T08:28:12.373", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 3.4, "source": "support@hackerone.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-12-19T16:15:11.787", "references": [ { "source": "support@hackerone.com", "tags": [ "Release Notes" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-12-07 14:15
Modified
2024-11-21 06:27
Severity ?
Summary
An exposed dangerous function vulnerability exists in Ivanti Avalanche before 6.3.3 using inforail Service allows Privilege Escalation via Enterprise Server Service.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*", "matchCriteriaId": "F9A93D88-E04B-4225-8D57-E0DF1395E6BD", "versionEndExcluding": "6.3.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An exposed dangerous function vulnerability exists in Ivanti Avalanche before 6.3.3 using inforail Service allows Privilege Escalation via Enterprise Server Service." }, { "lang": "es", "value": "Se presenta una vulnerabilidad de funci\u00f3n peligrosa expuesta en Ivanti Avalanche versiones anteriores a 6.3.3, usando el Servicio Inforail y permite la Escalada de Privilegios por medio del Servicio Enterprise Server" } ], "id": "CVE-2021-42128", "lastModified": "2024-11-21T06:27:19.157", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-12-07T14:15:09.300", "references": [ { "source": "support@hackerone.com", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Security-Alert-CVE-s-Addressed-in-Avalanche-6-3-3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Security-Alert-CVE-s-Addressed-in-Avalanche-6-3-3" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-749" } ], "source": "support@hackerone.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-12-19 16:15
Modified
2024-11-21 08:29
Severity ?
Summary
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS).
References
▼ | URL | Tags | |
---|---|---|---|
support@hackerone.com | https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt | Release Notes, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt | Release Notes, Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:premise:*:*:*", "matchCriteriaId": "024C02F7-995E-4235-8900-A9673F050E72", "versionEndExcluding": "6.4.2", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS)." }, { "lang": "es", "value": "Un atacante que env\u00eda paquetes de datos especialmente manipulados a Mobile Device Server puede provocar da\u00f1os en la memoria, lo que podr\u00eda provocar una denegaci\u00f3n de servicio (DoS)." } ], "id": "CVE-2023-46804", "lastModified": "2024-11-21T08:29:20.557", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "support@hackerone.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-12-19T16:15:12.077", "references": [ { "source": "support@hackerone.com", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-12-07 14:15
Modified
2024-11-21 06:27
Severity ?
Summary
An improper access control vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform a session takeover.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*", "matchCriteriaId": "F9A93D88-E04B-4225-8D57-E0DF1395E6BD", "versionEndExcluding": "6.3.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An improper access control vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform a session takeover." }, { "lang": "es", "value": "Se presenta una vulnerabilidad de control de acceso inapropiado en Ivanti Avalanche versiones anteriores a 6.3.3, que permite a un atacante con acceso al Servicio Inforail llevar a cabo una toma de sesi\u00f3n" } ], "id": "CVE-2021-42124", "lastModified": "2024-11-21T06:27:18.683", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-12-07T14:15:09.093", "references": [ { "source": "support@hackerone.com", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Security-Alert-CVE-s-Addressed-in-Avalanche-6-3-3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Security-Alert-CVE-s-Addressed-in-Avalanche-6-3-3" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-284" } ], "source": "support@hackerone.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-11-03 20:15
Modified
2024-11-21 08:21
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Ivanti Avalanche EnterpriseServer Service Unrestricted File Upload Local Privilege Escalation Vulnerability
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:premise:*:*:*", "matchCriteriaId": "C9C00C8A-E00C-4C25-A623-24390C27ACE3", "versionEndExcluding": "6.4.1.236", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Ivanti Avalanche EnterpriseServer Service Unrestricted File Upload Local Privilege Escalation Vulnerability" }, { "lang": "es", "value": "Vulnerabilidad de escalada de privilegios locales de carga de archivos sin restricciones de Ivanti Avalanche EnterpriseServer Service" } ], "id": "CVE-2023-41725", "lastModified": "2024-11-21T08:21:33.190", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "support@hackerone.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }, "published": "2023-11-03T20:15:09.093", "references": [ { "source": "support@hackerone.com", "tags": [ "Release Notes" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.1.236_release_notes.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.1.236_release_notes.txt" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-434" } ], "source": "nvd@nist.gov", "type": "Primary" }, { "description": [ { "lang": "en", "value": "CWE-434" } ], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }
Vulnerability from fkie_nvd
Published
2023-12-19 16:15
Modified
2024-11-21 08:28
Severity ?
Summary
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
References
▼ | URL | Tags | |
---|---|---|---|
support@hackerone.com | https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt | Release Notes, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt | Release Notes, Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:premise:*:*:*", "matchCriteriaId": "024C02F7-995E-4235-8900-A9673F050E72", "versionEndExcluding": "6.4.2", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution." }, { "lang": "es", "value": "Un atacante que env\u00eda paquetes de datos especialmente manipulados a Mobile Device Server puede provocar da\u00f1os en la memoria, lo que podr\u00eda provocar una denegaci\u00f3n de servicio (DoS) o la ejecuci\u00f3n de c\u00f3digo." } ], "id": "CVE-2023-46224", "lastModified": "2024-11-21T08:28:06.550", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "support@hackerone.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-12-19T16:15:10.113", "references": [ { "source": "support@hackerone.com", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" }, { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }
Vulnerability from fkie_nvd
Published
2024-01-25 20:15
Modified
2024-11-21 08:21
Severity ?
Summary
Directory Traversal vulnerability in Ivanti Avalanche 6.3.4.153 allows a remote authenticated attacker to obtain sensitive information via the javax.faces.resource component.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://github.com/JBalanza/CVE-2023-41474 | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/JBalanza/CVE-2023-41474 | Exploit, Third Party Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.4.153:*:*:*:premise:*:*:*", "matchCriteriaId": "F5A7D50A-DD35-40B6-B4AD-8703DB016E90", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Directory Traversal vulnerability in Ivanti Avalanche 6.3.4.153 allows a remote authenticated attacker to obtain sensitive information via the javax.faces.resource component." }, { "lang": "es", "value": "La vulnerabilidad de directory traversal en Ivanti Avalanche 6.3.4.153 permite a un atacante remoto autenticado obtener informaci\u00f3n confidencial a trav\u00e9s del componente javax.faces.resource." } ], "id": "CVE-2023-41474", "lastModified": "2024-11-21T08:21:14.197", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-01-25T20:15:36.993", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/JBalanza/CVE-2023-41474" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/JBalanza/CVE-2023-41474" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-22" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2024-08-14 03:15
Modified
2024-08-15 17:31
Severity ?
Summary
Improper input validation in the Central Filestore in Ivanti Avalanche 6.3.1 allows a remote authenticated attacker with admin rights to achieve RCE.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
ivanti | avalanche | 6.3.1 | |
ivanti | avalanche | 6.3.1.1507 | |
ivanti | avalanche | 6.3.2 | |
ivanti | avalanche | 6.3.2 | |
ivanti | avalanche | 6.3.2 | |
ivanti | avalanche | 6.3.2.3490 | |
ivanti | avalanche | 6.3.2.3490 | |
ivanti | avalanche | 6.3.3 | |
ivanti | avalanche | 6.3.3 | |
ivanti | avalanche | 6.3.3.101 | |
ivanti | avalanche | 6.3.3.101 | |
ivanti | avalanche | 6.3.4 | |
ivanti | avalanche | 6.3.4 | |
ivanti | avalanche | 6.3.4.153 | |
ivanti | avalanche | 6.4.0 | |
ivanti | avalanche | 6.4.1 | |
ivanti | avalanche | 6.4.1 | |
ivanti | avalanche | 6.4.1.207 | |
ivanti | avalanche | 6.4.1.236 | |
ivanti | avalanche | 6.4.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.1:*:*:*:premise:*:*:*", "matchCriteriaId": "6060540C-A977-4E2A-8E1B-41CC3C3E92ED", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.1.1507:*:*:*:premise:*:*:*", "matchCriteriaId": "771C1447-6F5E-45DE-BDE6-8FFBB4708D67", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "778D9C09-12BB-47FC-B74B-DC114AE3A540", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.2:*:*:*:*:windows:*:*", "matchCriteriaId": "617DA85C-5FCE-4650-99AA-A1052E690B2C", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.2:*:*:*:premise:*:*:*", "matchCriteriaId": "44ABD265-3F8F-415A-96B3-16975661CDEB", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.2.3490:*:*:*:*:*:*:*", "matchCriteriaId": "CF93250C-0754-4B87-9BBE-DDF255EEB157", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.2.3490:*:*:*:premise:*:*:*", "matchCriteriaId": "521CD0B6-8348-41D6-8AD8-79F884F4F10F", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "3162335B-9FA4-4AC3-85F0-BD34F859EDFB", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.3:*:*:*:premise:*:*:*", "matchCriteriaId": "03E7F6CA-8A72-4A3E-A281-2A7653162FB3", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.3.101:*:*:*:*:*:*:*", "matchCriteriaId": "E2AB421E-C976-4CFF-93F9-40354CB579C5", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.3.101:*:*:*:premise:*:*:*", "matchCriteriaId": "4C581973-06B3-4E16-B37C-41FE7B4388CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "FE9E1AF8-A8ED-4E49-B25F-E27AD4B61E7D", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.4:*:*:*:premise:*:*:*", "matchCriteriaId": "3CC6AA75-22CD-4588-A1F9-574D7E7698CF", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.4.153:*:*:*:premise:*:*:*", "matchCriteriaId": "F5A7D50A-DD35-40B6-B4AD-8703DB016E90", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "1196CC8F-4D46-4258-9997-1C7E9954A8D6", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "DF9D82B4-4AF6-4E14-AACE-56982D4F8969", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.4.1:*:*:*:premise:*:*:*", "matchCriteriaId": "5FA149E2-AF10-4D3A-9F6C-8AF74110DEF8", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.4.1.207:*:*:*:premise:*:*:*", "matchCriteriaId": "CC521F86-4E3F-4217-836D-235B1D9E8876", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.4.1.236:*:*:*:premise:*:*:*", "matchCriteriaId": "45AA1E4F-2B38-42A3-A99C-F7ED17067E00", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.4.2:*:*:*:premise:*:*:*", "matchCriteriaId": "78794BF3-682E-4256-92DA-D669BF78A297", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper input validation in the Central Filestore in Ivanti Avalanche 6.3.1 allows a remote authenticated attacker with admin rights to achieve RCE." }, { "lang": "es", "value": "La validaci\u00f3n de entrada incorrecta en el almac\u00e9n de archivos central en Ivanti Avalanche 6.3.1 permite que un atacante remoto autenticado con derechos de administrador logre RCE." } ], "id": "CVE-2024-37373", "lastModified": "2024-08-15T17:31:32.407", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "support@hackerone.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-08-14T03:15:04.667", "references": [ { "source": "support@hackerone.com", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Avalanche-6-4-4-CVE-2024-38652-CVE-2024-38653-CVE-2024-36136-CVE-2024-37399-CVE-2024-37373" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" }, { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }
Vulnerability from fkie_nvd
Published
2023-03-29 19:15
Modified
2024-11-21 07:14
Severity ?
Summary
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the Certificate Management Server service. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-15449.
References
▼ | URL | Tags | |
---|---|---|---|
zdi-disclosures@trendmicro.com | https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt | Release Notes | |
zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-22-782/ | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt | Release Notes | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-22-782/ | Third Party Advisory, VDB Entry |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*", "matchCriteriaId": "15814CD7-C562-4360-8E57-354E1D275F92", "versionEndExcluding": "6.3.4", "versionStartIncluding": "6.3.2.3490", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the Certificate Management Server service. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-15449." } ], "id": "CVE-2022-36977", "lastModified": "2024-11-21T07:14:11.843", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "zdi-disclosures@trendmicro.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-03-29T19:15:12.317", "references": [ { "source": "zdi-disclosures@trendmicro.com", "tags": [ "Release Notes" ], "url": "https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt" }, { "source": "zdi-disclosures@trendmicro.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-782/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes" ], "url": "https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-782/" } ], "sourceIdentifier": "zdi-disclosures@trendmicro.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-502" } ], "source": "zdi-disclosures@trendmicro.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2024-11-12 16:15
Modified
2024-11-18 15:06
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A null pointer dereference in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to cause a denial of service.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:premise:*:*:*", "matchCriteriaId": "8BF6AFA9-1E31-410B-BCC3-83F137769FC2", "versionEndExcluding": "6.4.6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A null pointer dereference in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to cause a denial of service." }, { "lang": "es", "value": "Una desreferencia de puntero nulo en Ivanti Avalanche anterior a 6.4.6 permite que un atacante remoto no autenticado provoque una denegaci\u00f3n de servicio." } ], "id": "CVE-2024-50317", "lastModified": "2024-11-18T15:06:49.627", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-11-12T16:15:23.347", "references": [ { "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Avalanche-Multiple-CVEs-Q4-2024-Release" } ], "sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-476" } ], "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-476" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2022-04-06 02:15
Modified
2024-11-21 06:04
Severity ?
Summary
Ivanti Avalanche (Premise) 6.3.2 allows remote unauthenticated users to read arbitrary files via Absolute Path Traversal. The imageFilePath parameter processed by the /AvalancheWeb/image endpoint is not verified to be within the scope of the image folder, e.g., the attacker can obtain sensitive information via the C:/Windows/system32/config/system.sav value.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.2:*:*:*:*:windows:*:*", "matchCriteriaId": "617DA85C-5FCE-4650-99AA-A1052E690B2C", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Ivanti Avalanche (Premise) 6.3.2 allows remote unauthenticated users to read arbitrary files via Absolute Path Traversal. The imageFilePath parameter processed by the /AvalancheWeb/image endpoint is not verified to be within the scope of the image folder, e.g., the attacker can obtain sensitive information via the C:/Windows/system32/config/system.sav value." }, { "lang": "es", "value": "Ivanti Avalanche (Premise) versi\u00f3n 6.3.2 permite a usuarios remotos no autenticados leer archivos arbitrarios por medio de un Salto de Ruta Absoluto. No es verificado que el par\u00e1metro imageFilePath procesado por el endpoint /AvalancheWeb/image est\u00e9 dentro del \u00e1mbito de la carpeta de im\u00e1genes, por ejemplo, el atacante puede obtener informaci\u00f3n confidencial por medio del valor C:/Windows/system32/config/system.sav" } ], "id": "CVE-2021-30497", "lastModified": "2024-11-21T06:04:02.477", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2022-04-06T02:15:08.287", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Security-Alert-CVE-2021-30497-Directory-Traversal-Vulnerability?language=en_US" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://help.ivanti.com/wl/help/en_us/aod/5.4/Avalanche/Console/Launching_the_Avalanche.htm" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://ssd-disclosure.com/ssd-advisory-ivanti-avalanche-directory-traversal/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Security-Alert-CVE-2021-30497-Directory-Traversal-Vulnerability?language=en_US" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://help.ivanti.com/wl/help/en_us/aod/5.4/Avalanche/Console/Launching_the_Avalanche.htm" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://ssd-disclosure.com/ssd-advisory-ivanti-avalanche-directory-traversal/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-22" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2024-08-14 03:15
Modified
2024-08-15 17:31
Severity ?
Summary
An off-by-one error in WLInfoRailService in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to crash the service, resulting in a DoS.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
ivanti | avalanche | 6.3.1 | |
ivanti | avalanche | 6.3.1.1507 | |
ivanti | avalanche | 6.3.2 | |
ivanti | avalanche | 6.3.2 | |
ivanti | avalanche | 6.3.2 | |
ivanti | avalanche | 6.3.2.3490 | |
ivanti | avalanche | 6.3.2.3490 | |
ivanti | avalanche | 6.3.3 | |
ivanti | avalanche | 6.3.3 | |
ivanti | avalanche | 6.3.3.101 | |
ivanti | avalanche | 6.3.3.101 | |
ivanti | avalanche | 6.3.4 | |
ivanti | avalanche | 6.3.4 | |
ivanti | avalanche | 6.3.4.153 | |
ivanti | avalanche | 6.4.0 | |
ivanti | avalanche | 6.4.1 | |
ivanti | avalanche | 6.4.1 | |
ivanti | avalanche | 6.4.1.207 | |
ivanti | avalanche | 6.4.1.236 | |
ivanti | avalanche | 6.4.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.1:*:*:*:premise:*:*:*", "matchCriteriaId": "6060540C-A977-4E2A-8E1B-41CC3C3E92ED", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.1.1507:*:*:*:premise:*:*:*", "matchCriteriaId": "771C1447-6F5E-45DE-BDE6-8FFBB4708D67", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "778D9C09-12BB-47FC-B74B-DC114AE3A540", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.2:*:*:*:*:windows:*:*", "matchCriteriaId": "617DA85C-5FCE-4650-99AA-A1052E690B2C", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.2:*:*:*:premise:*:*:*", "matchCriteriaId": "44ABD265-3F8F-415A-96B3-16975661CDEB", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.2.3490:*:*:*:*:*:*:*", "matchCriteriaId": "CF93250C-0754-4B87-9BBE-DDF255EEB157", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.2.3490:*:*:*:premise:*:*:*", "matchCriteriaId": "521CD0B6-8348-41D6-8AD8-79F884F4F10F", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "3162335B-9FA4-4AC3-85F0-BD34F859EDFB", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.3:*:*:*:premise:*:*:*", "matchCriteriaId": "03E7F6CA-8A72-4A3E-A281-2A7653162FB3", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.3.101:*:*:*:*:*:*:*", "matchCriteriaId": "E2AB421E-C976-4CFF-93F9-40354CB579C5", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.3.101:*:*:*:premise:*:*:*", "matchCriteriaId": "4C581973-06B3-4E16-B37C-41FE7B4388CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "FE9E1AF8-A8ED-4E49-B25F-E27AD4B61E7D", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.4:*:*:*:premise:*:*:*", "matchCriteriaId": "3CC6AA75-22CD-4588-A1F9-574D7E7698CF", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.4.153:*:*:*:premise:*:*:*", "matchCriteriaId": "F5A7D50A-DD35-40B6-B4AD-8703DB016E90", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "1196CC8F-4D46-4258-9997-1C7E9954A8D6", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "DF9D82B4-4AF6-4E14-AACE-56982D4F8969", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.4.1:*:*:*:premise:*:*:*", "matchCriteriaId": "5FA149E2-AF10-4D3A-9F6C-8AF74110DEF8", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.4.1.207:*:*:*:premise:*:*:*", "matchCriteriaId": "CC521F86-4E3F-4217-836D-235B1D9E8876", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.4.1.236:*:*:*:premise:*:*:*", "matchCriteriaId": "45AA1E4F-2B38-42A3-A99C-F7ED17067E00", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.4.2:*:*:*:premise:*:*:*", "matchCriteriaId": "78794BF3-682E-4256-92DA-D669BF78A297", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An off-by-one error in WLInfoRailService in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to crash the service, resulting in a DoS." }, { "lang": "es", "value": "Un error de uno en uno en WLInfoRailService en Ivanti Avalanche 6.3.1 permite que un atacante remoto no autenticado bloquee el servicio, lo que resulta en un DoS." } ], "id": "CVE-2024-36136", "lastModified": "2024-08-15T17:31:15.880", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "support@hackerone.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-08-14T03:15:04.390", "references": [ { "source": "support@hackerone.com", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Avalanche-6-4-4-CVE-2024-38652-CVE-2024-38653-CVE-2024-36136-CVE-2024-37399-CVE-2024-37373" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-193" } ], "source": "nvd@nist.gov", "type": "Primary" }, { "description": [ { "lang": "en", "value": "CWE-193" } ], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }
Vulnerability from fkie_nvd
Published
2024-08-14 03:15
Modified
2024-08-15 17:32
Severity ?
Summary
Path traversal in the skin management component of Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to achieve denial of service via arbitrary file deletion.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
ivanti | avalanche | 6.3.1 | |
ivanti | avalanche | 6.3.1.1507 | |
ivanti | avalanche | 6.3.2 | |
ivanti | avalanche | 6.3.2 | |
ivanti | avalanche | 6.3.2 | |
ivanti | avalanche | 6.3.2.3490 | |
ivanti | avalanche | 6.3.2.3490 | |
ivanti | avalanche | 6.3.3 | |
ivanti | avalanche | 6.3.3 | |
ivanti | avalanche | 6.3.3.101 | |
ivanti | avalanche | 6.3.3.101 | |
ivanti | avalanche | 6.3.4 | |
ivanti | avalanche | 6.3.4 | |
ivanti | avalanche | 6.3.4.153 | |
ivanti | avalanche | 6.4.0 | |
ivanti | avalanche | 6.4.1 | |
ivanti | avalanche | 6.4.1 | |
ivanti | avalanche | 6.4.1.207 | |
ivanti | avalanche | 6.4.1.236 | |
ivanti | avalanche | 6.4.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.1:*:*:*:premise:*:*:*", "matchCriteriaId": "6060540C-A977-4E2A-8E1B-41CC3C3E92ED", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.1.1507:*:*:*:premise:*:*:*", "matchCriteriaId": "771C1447-6F5E-45DE-BDE6-8FFBB4708D67", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "778D9C09-12BB-47FC-B74B-DC114AE3A540", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.2:*:*:*:*:windows:*:*", "matchCriteriaId": "617DA85C-5FCE-4650-99AA-A1052E690B2C", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.2:*:*:*:premise:*:*:*", "matchCriteriaId": "44ABD265-3F8F-415A-96B3-16975661CDEB", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.2.3490:*:*:*:*:*:*:*", "matchCriteriaId": "CF93250C-0754-4B87-9BBE-DDF255EEB157", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.2.3490:*:*:*:premise:*:*:*", "matchCriteriaId": "521CD0B6-8348-41D6-8AD8-79F884F4F10F", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "3162335B-9FA4-4AC3-85F0-BD34F859EDFB", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.3:*:*:*:premise:*:*:*", "matchCriteriaId": "03E7F6CA-8A72-4A3E-A281-2A7653162FB3", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.3.101:*:*:*:*:*:*:*", "matchCriteriaId": "E2AB421E-C976-4CFF-93F9-40354CB579C5", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.3.101:*:*:*:premise:*:*:*", "matchCriteriaId": "4C581973-06B3-4E16-B37C-41FE7B4388CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "FE9E1AF8-A8ED-4E49-B25F-E27AD4B61E7D", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.4:*:*:*:premise:*:*:*", "matchCriteriaId": "3CC6AA75-22CD-4588-A1F9-574D7E7698CF", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.3.4.153:*:*:*:premise:*:*:*", "matchCriteriaId": "F5A7D50A-DD35-40B6-B4AD-8703DB016E90", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "1196CC8F-4D46-4258-9997-1C7E9954A8D6", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "DF9D82B4-4AF6-4E14-AACE-56982D4F8969", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.4.1:*:*:*:premise:*:*:*", "matchCriteriaId": "5FA149E2-AF10-4D3A-9F6C-8AF74110DEF8", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.4.1.207:*:*:*:premise:*:*:*", "matchCriteriaId": "CC521F86-4E3F-4217-836D-235B1D9E8876", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.4.1.236:*:*:*:premise:*:*:*", "matchCriteriaId": "45AA1E4F-2B38-42A3-A99C-F7ED17067E00", "vulnerable": true }, { "criteria": "cpe:2.3:a:ivanti:avalanche:6.4.2:*:*:*:premise:*:*:*", "matchCriteriaId": "78794BF3-682E-4256-92DA-D669BF78A297", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Path traversal in the skin management component of Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to achieve denial of service via arbitrary file deletion." }, { "lang": "es", "value": "El path traversal en el componente de gesti\u00f3n de aspectos de Ivanti Avalanche 6.3.1 permite a un atacante remoto no autenticado lograr una denegaci\u00f3n de servicio mediante la eliminaci\u00f3n arbitraria de archivos." } ], "id": "CVE-2024-38652", "lastModified": "2024-08-15T17:32:39.067", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 4.2, "source": "support@hackerone.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-08-14T03:15:05.020", "references": [ { "source": "support@hackerone.com", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Avalanche-6-4-4-CVE-2024-38652-CVE-2024-38653-CVE-2024-36136-CVE-2024-37399-CVE-2024-37373" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-22" } ], "source": "nvd@nist.gov", "type": "Primary" }, { "description": [ { "lang": "en", "value": "CWE-22" } ], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }
Vulnerability from fkie_nvd
Published
2023-12-19 16:15
Modified
2024-11-21 08:28
Severity ?
Summary
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
References
▼ | URL | Tags | |
---|---|---|---|
support@hackerone.com | https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt | Release Notes, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt | Release Notes, Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:premise:*:*:*", "matchCriteriaId": "024C02F7-995E-4235-8900-A9673F050E72", "versionEndExcluding": "6.4.2", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution." }, { "lang": "es", "value": "Un atacante que env\u00eda paquetes de datos especialmente manipulados a Mobile Device Server puede provocar da\u00f1os en la memoria, lo que podr\u00eda provocar una denegaci\u00f3n de servicio (DoS) o la ejecuci\u00f3n de c\u00f3digo." } ], "id": "CVE-2023-46216", "lastModified": "2024-11-21T08:28:05.447", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "support@hackerone.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-12-19T16:15:09.170", "references": [ { "source": "support@hackerone.com", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-12-07 14:15
Modified
2024-11-21 06:27
Severity ?
Summary
An improper authorization control vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform privilege escalation.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*", "matchCriteriaId": "F9A93D88-E04B-4225-8D57-E0DF1395E6BD", "versionEndExcluding": "6.3.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An improper authorization control vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform privilege escalation." }, { "lang": "es", "value": "Se presenta una vulnerabilidad de control de autorizaci\u00f3n inapropiada en Ivanti Avalanche versiones anteriores a 6.3.3 que permite a un atacante con acceso al Servicio Inforail llevar a cabo una escalada de privilegios" } ], "id": "CVE-2021-42126", "lastModified": "2024-11-21T06:27:18.927", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-12-07T14:15:09.197", "references": [ { "source": "support@hackerone.com", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Security-Alert-CVE-s-Addressed-in-Avalanche-6-3-3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Security-Alert-CVE-s-Addressed-in-Avalanche-6-3-3" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-285" } ], "source": "support@hackerone.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-12-19 16:15
Modified
2024-11-21 08:28
Severity ?
Summary
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
References
▼ | URL | Tags | |
---|---|---|---|
support@hackerone.com | https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt | Release Notes, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt | Release Notes, Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:premise:*:*:*", "matchCriteriaId": "024C02F7-995E-4235-8900-A9673F050E72", "versionEndExcluding": "6.4.2", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution." }, { "lang": "es", "value": "Un atacante que env\u00eda paquetes de datos especialmente manipulados a Mobile Device Server puede provocar da\u00f1os en la memoria, lo que podr\u00eda provocar una denegaci\u00f3n de servicio (DoS) o la ejecuci\u00f3n de c\u00f3digo." } ], "id": "CVE-2023-46260", "lastModified": "2024-11-21T08:28:11.550", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "support@hackerone.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-12-19T16:15:10.887", "references": [ { "source": "support@hackerone.com", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-12-07 14:15
Modified
2024-11-21 06:27
Severity ?
Summary
A command Injection vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform arbitrary command execution.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*", "matchCriteriaId": "F9A93D88-E04B-4225-8D57-E0DF1395E6BD", "versionEndExcluding": "6.3.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A command Injection vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform arbitrary command execution." }, { "lang": "es", "value": "Se presenta una vulnerabilidad de inyecci\u00f3n de comandos en Ivanti Avalanche versiones anteriores a 6.3.3, que permite a un atacante con acceso al servicio Inforail llevar a cabo la ejecuci\u00f3n de un comando arbitrario" } ], "id": "CVE-2021-42132", "lastModified": "2024-11-21T06:27:19.620", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-12-07T14:15:09.500", "references": [ { "source": "support@hackerone.com", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Security-Alert-CVE-s-Addressed-in-Avalanche-6-3-3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Security-Alert-CVE-s-Addressed-in-Avalanche-6-3-3" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-77" } ], "source": "support@hackerone.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-77" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-12-19 16:15
Modified
2024-11-21 08:28
Severity ?
Summary
An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.4.1 and below that could allow an attacker to achieve a remove code execution.
References
▼ | URL | Tags | |
---|---|---|---|
support@hackerone.com | https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt | Release Notes, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt | Release Notes, Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:premise:*:*:*", "matchCriteriaId": "024C02F7-995E-4235-8900-A9673F050E72", "versionEndExcluding": "6.4.2", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.4.1 and below that could allow an attacker to achieve a remove code execution." }, { "lang": "es", "value": "Existe una carga sin restricciones de archivos con una vulnerabilidad de tipo peligroso en las versiones 6.4.1 e inferiores de Avalanche que podr\u00eda permitir a un atacante lograr la ejecuci\u00f3n de eliminaci\u00f3n de c\u00f3digo." } ], "id": "CVE-2023-46264", "lastModified": "2024-11-21T08:28:12.067", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "support@hackerone.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-12-19T16:15:11.493", "references": [ { "source": "support@hackerone.com", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-434" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2024-11-12 16:15
Modified
2024-11-18 15:06
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
An infinite loop in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to cause a denial of service.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:premise:*:*:*", "matchCriteriaId": "8BF6AFA9-1E31-410B-BCC3-83F137769FC2", "versionEndExcluding": "6.4.6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An infinite loop in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to cause a denial of service." }, { "lang": "es", "value": "Un bucle infinito en Ivanti Avalanche anterior a 6.4.6 permite que un atacante remoto no autenticado provoque una denegaci\u00f3n de servicio." } ], "id": "CVE-2024-50319", "lastModified": "2024-11-18T15:06:25.480", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-11-12T16:15:23.713", "references": [ { "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Avalanche-Multiple-CVEs-Q4-2024-Release" } ], "sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-835" } ], "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-835" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-08-10 20:15
Modified
2024-11-21 08:03
Severity ?
Summary
An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.3.x and below that could allow an attacker to achieve a remove code execution. Fixed in version 6.4.1.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*", "matchCriteriaId": "E1BB2A71-2815-4982-825E-3546E2A7FE83", "versionEndExcluding": "6.4.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.3.x and below that could allow an attacker to achieve a remove code execution. Fixed in version 6.4.1." } ], "id": "CVE-2023-32562", "lastModified": "2024-11-21T08:03:36.400", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 0.9, "impactScore": 5.9, "source": "support@hackerone.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-08-10T20:15:10.360", "references": [ { "source": "support@hackerone.com", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Avalanche-Vulnerabilities-Addressed-in-6-4-1?language=en_US" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Avalanche-Vulnerabilities-Addressed-in-6-4-1?language=en_US" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-434" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-08-10 19:15
Modified
2024-11-21 08:03
Severity ?
Summary
An attacker can send a specially crafted request which could lead to leakage of sensitive data or potentially a resource-based DoS attack. Fixed in version 6.4.1.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*", "matchCriteriaId": "E1BB2A71-2815-4982-825E-3546E2A7FE83", "versionEndExcluding": "6.4.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An attacker can send a specially crafted request which could lead to leakage of sensitive data or potentially a resource-based DoS attack. Fixed in version 6.4.1." } ], "id": "CVE-2023-32566", "lastModified": "2024-11-21T08:03:36.887", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 3.4, "source": "support@hackerone.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-08-10T19:15:09.583", "references": [ { "source": "support@hackerone.com", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Avalanche-Vulnerabilities-Addressed-in-6-4-1?language=en_US" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Avalanche-Vulnerabilities-Addressed-in-6-4-1?language=en_US" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-11-03 20:15
Modified
2024-11-21 07:26
Severity ?
Summary
Ivanti Avalanche Printer Device Service Missing Authentication Local Privilege Escalation Vulnerability
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:premise:*:*:*", "matchCriteriaId": "C9C00C8A-E00C-4C25-A623-24390C27ACE3", "versionEndExcluding": "6.4.1.236", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Ivanti Avalanche Printer Device Service Missing Authentication Local Privilege Escalation Vulnerability" }, { "lang": "es", "value": "Vulnerabilidad de escalada de privilegios locales sin autenticaci\u00f3n de Ivanti Avalanche Printer Device Service" } ], "id": "CVE-2022-43555", "lastModified": "2024-11-21T07:26:46.717", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "support@hackerone.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-11-03T20:15:08.757", "references": [ { "source": "support@hackerone.com", "tags": [ "Release Notes" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.1.236_release_notes.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.1.236_release_notes.txt" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-306" } ], "source": "nvd@nist.gov", "type": "Primary" }, { "description": [ { "lang": "en", "value": "CWE-306" } ], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }
Vulnerability from fkie_nvd
Published
2018-06-29 15:29
Modified
2024-11-21 04:14
Severity ?
Summary
An issue was discovered in Ivanti Avalanche for all versions between 5.3 and 6.2. A local user with database access privileges can read the encrypted passwords for users who authenticate via LDAP to Avalanche services. These passwords are stored in the Avalanche databases. This issue only affects customers who have enabled LDAP authentication in their configuration.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://community.ivanti.com/docs/DOC-68406 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://community.ivanti.com/docs/DOC-68406 | Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*", "matchCriteriaId": "6437AEEE-FD64-46CB-BD1A-B59C8ABB9774", "versionEndIncluding": "6.2", "versionStartIncluding": "5.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in Ivanti Avalanche for all versions between 5.3 and 6.2. A local user with database access privileges can read the encrypted passwords for users who authenticate via LDAP to Avalanche services. These passwords are stored in the Avalanche databases. This issue only affects customers who have enabled LDAP authentication in their configuration." }, { "lang": "es", "value": "Se ha descubierto un problema en Ivanti Avalanche para todas las versiones entre la 5.3 y la 6.2. Un usuario local con privilegios de acceso a la base de datos puede leer las contrase\u00f1as cifradas para los usuarios que se autentican mediante LDAP en los servicios de Avalanche. Estas contrase\u00f1as se almacenan en las bases de datos de Avalanche. Este problema s\u00f3lo afecta a los clientes que han habilitado la autenticaci\u00f3n LDAP en su configuraci\u00f3n." } ], "id": "CVE-2018-8901", "lastModified": "2024-11-21T04:14:33.857", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-06-29T15:29:00.413", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://community.ivanti.com/docs/DOC-68406" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://community.ivanti.com/docs/DOC-68406" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-03-29 19:15
Modified
2024-11-21 07:14
Severity ?
Summary
This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490. The specific flaw exists within the ProfileDaoImpl class. A crafted request can trigger execution of SQL queries composed from a user-supplied string. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-15332.
References
▼ | URL | Tags | |
---|---|---|---|
zdi-disclosures@trendmicro.com | https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt | Release Notes | |
zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-22-780/ | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt | Release Notes | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-22-780/ | Third Party Advisory, VDB Entry |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*", "matchCriteriaId": "15814CD7-C562-4360-8E57-354E1D275F92", "versionEndExcluding": "6.3.4", "versionStartIncluding": "6.3.2.3490", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490. The specific flaw exists within the ProfileDaoImpl class. A crafted request can trigger execution of SQL queries composed from a user-supplied string. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-15332." } ], "id": "CVE-2022-36975", "lastModified": "2024-11-21T07:14:11.597", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "zdi-disclosures@trendmicro.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-03-29T19:15:12.190", "references": [ { "source": "zdi-disclosures@trendmicro.com", "tags": [ "Release Notes" ], "url": "https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt" }, { "source": "zdi-disclosures@trendmicro.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-780/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes" ], "url": "https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-780/" } ], "sourceIdentifier": "zdi-disclosures@trendmicro.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "zdi-disclosures@trendmicro.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-08-10 20:15
Modified
2024-11-21 08:03
Severity ?
Summary
An attacker can send a specially crafted message to the Wavelink Avalanche Manager, which could result in service disruption or arbitrary code execution.
Thanks to a Researcher at Tenable for finding and reporting.
Fixed in version 6.4.1.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*", "matchCriteriaId": "E1BB2A71-2815-4982-825E-3546E2A7FE83", "versionEndExcluding": "6.4.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An attacker can send a specially crafted message to the Wavelink Avalanche Manager, which could result in service disruption or arbitrary code execution.\n\nThanks to a Researcher at Tenable for finding and reporting.\n\nFixed in version 6.4.1." } ], "id": "CVE-2023-32560", "lastModified": "2024-11-21T08:03:36.150", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "support@hackerone.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-08-10T20:15:10.200", "references": [ { "source": "support@hackerone.com", "url": "http://packetstormsecurity.com/files/174459/Ivanti-Avalance-Remote-Code-Execution.html" }, { "source": "support@hackerone.com", "url": "http://packetstormsecurity.com/files/174698/Ivanti-Avalanche-MDM-Buffer-Overflow.html" }, { "source": "support@hackerone.com", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Avalanche-Vulnerabilities-Addressed-in-6-4-1?language=en_US" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://packetstormsecurity.com/files/174459/Ivanti-Avalance-Remote-Code-Execution.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://packetstormsecurity.com/files/174698/Ivanti-Avalanche-MDM-Buffer-Overflow.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Avalanche-Vulnerabilities-Addressed-in-6-4-1?language=en_US" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2024-11-12 16:15
Modified
2024-11-18 15:06
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A null pointer dereference in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to cause a denial of service.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:premise:*:*:*", "matchCriteriaId": "8BF6AFA9-1E31-410B-BCC3-83F137769FC2", "versionEndExcluding": "6.4.6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A null pointer dereference in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to cause a denial of service." }, { "lang": "es", "value": "Una desreferencia de puntero nulo en Ivanti Avalanche anterior a 6.4.6 permite que un atacante remoto no autenticado provoque una denegaci\u00f3n de servicio." } ], "id": "CVE-2024-50318", "lastModified": "2024-11-18T15:06:52.807", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-11-12T16:15:23.537", "references": [ { "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Avalanche-Multiple-CVEs-Q4-2024-Release" } ], "sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-476" } ], "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-476" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-08-10 20:15
Modified
2024-11-21 08:03
Severity ?
Summary
A previously generated artifact by an administrator could be accessed by an attacker. The contents of this artifact could lead to authentication bypass. Fixed in version 6.4.1.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*", "matchCriteriaId": "E1BB2A71-2815-4982-825E-3546E2A7FE83", "versionEndExcluding": "6.4.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A previously generated artifact by an administrator could be accessed by an attacker. The contents of this artifact could lead to authentication bypass. Fixed in version 6.4.1." } ], "id": "CVE-2023-32561", "lastModified": "2024-11-21T08:03:36.280", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "support@hackerone.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-08-10T20:15:10.287", "references": [ { "source": "support@hackerone.com", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Avalanche-Vulnerabilities-Addressed-in-6-4-1?language=en_US" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://forums.ivanti.com/s/article/Avalanche-Vulnerabilities-Addressed-in-6-4-1?language=en_US" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-12-19 16:15
Modified
2024-11-21 08:28
Severity ?
Summary
An unauthenticated could abuse a XXE vulnerability in the Smart Device Server to leak data or perform a Server-Side Request Forgery (SSRF).
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*", "matchCriteriaId": "8B2EB4E0-35D0-45BF-B70F-DDA92C7B567E", "versionEndIncluding": "6.4.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An unauthenticated could abuse a XXE vulnerability in the Smart Device Server to leak data or perform a Server-Side Request Forgery (SSRF)." }, { "lang": "es", "value": "Una persona no autenticada podr\u00eda aprovechar una vulnerabilidad XXE en el Smart Device Server para filtrar datos o realizar Server-Side Request Forgery (SSRF)." } ], "id": "CVE-2023-46265", "lastModified": "2024-11-21T08:28:12.210", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 2.5, "source": "support@hackerone.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-12-19T16:15:11.640", "references": [ { "source": "support@hackerone.com", "tags": [ "Release Notes" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-611" } ], "source": "nvd@nist.gov", "type": "Primary" }, { "description": [ { "lang": "en", "value": "CWE-611" } ], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }
cve-2023-41725
Vulnerability from cvelistv5
Published
2023-11-03 18:13
Modified
2024-09-05 14:55
Severity ?
EPSS score ?
Summary
Ivanti Avalanche EnterpriseServer Service Unrestricted File Upload Local Privilege Escalation Vulnerability
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T19:01:35.512Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.1.236_release_notes.txt" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "avalanche", "vendor": "ivanti", "versions": [ { "lessThan": "6.4.1.236", "status": "affected", "version": "6.4.1.0", "versionType": "custom" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-41725", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-09-05T14:53:53.896418Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-434", "description": "CWE-434 Unrestricted Upload of File with Dangerous Type", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-09-05T14:55:18.991Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Avalanche", "vendor": "Ivanti", "versions": [ { "lessThan": "6.4.1.236", "status": "affected", "version": "6.4.1.236", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "value": "Ivanti Avalanche EnterpriseServer Service Unrestricted File Upload Local Privilege Escalation Vulnerability" } ], "metrics": [ { "cvssV3_0": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "providerMetadata": { "dateUpdated": "2023-11-03T18:13:19.979Z", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://download.wavelink.com/Files/avalanche_v6.4.1.236_release_notes.txt" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2023-41725", "datePublished": "2023-11-03T18:13:19.979Z", "dateReserved": "2023-08-31T01:00:11.771Z", "dateUpdated": "2024-09-05T14:55:18.991Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-23533
Vulnerability from cvelistv5
Published
2024-04-19 01:10
Modified
2024-08-01 23:06
Severity ?
EPSS score ?
Summary
An out-of-bounds read vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3, in certain conditions can allow an authenticated remote attacker to read sensitive information in memory.
References
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:ivanti:avalanche:6.4.3:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "avalanche", "vendor": "ivanti", "versions": [ { "status": "affected", "version": "-" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-23533", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-04-20T19:12:36.302096Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:45:49.282Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T23:06:25.130Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Avalanche", "vendor": "Ivanti", "versions": [ { "lessThan": "6.4.3", "status": "affected", "version": "6.4.3", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "value": "An out-of-bounds read vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3, in certain conditions can allow an authenticated remote attacker to read sensitive information in memory. " } ], "metrics": [ { "cvssV3_0": { "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" } } ], "providerMetadata": { "dateUpdated": "2024-04-19T01:10:11.827Z", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2024-23533", "datePublished": "2024-04-19T01:10:11.827Z", "dateReserved": "2024-01-18T01:04:07.197Z", "dateUpdated": "2024-08-01T23:06:25.130Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-41727
Vulnerability from cvelistv5
Published
2023-12-19 15:43
Modified
2024-08-02 19:01
Severity ?
EPSS score ?
Summary
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T19:01:35.508Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Wavelink", "vendor": "Ivanti", "versions": [ { "lessThanOrEqual": "6.4.1", "status": "affected", "version": "6.4.1", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "value": "An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution." } ], "metrics": [ { "cvssV3_0": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "providerMetadata": { "dateUpdated": "2023-12-19T15:43:26.326Z", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2023-41727", "datePublished": "2023-12-19T15:43:26.326Z", "dateReserved": "2023-08-31T01:00:11.771Z", "dateUpdated": "2024-08-02T19:01:35.508Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-30497
Vulnerability from cvelistv5
Published
2022-04-06 01:22
Modified
2024-08-03 22:32
Severity ?
EPSS score ?
Summary
Ivanti Avalanche (Premise) 6.3.2 allows remote unauthenticated users to read arbitrary files via Absolute Path Traversal. The imageFilePath parameter processed by the /AvalancheWeb/image endpoint is not verified to be within the scope of the image folder, e.g., the attacker can obtain sensitive information via the C:/Windows/system32/config/system.sav value.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T22:32:41.103Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://help.ivanti.com/wl/help/en_us/aod/5.4/Avalanche/Console/Launching_the_Avalanche.htm" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://ssd-disclosure.com/ssd-advisory-ivanti-avalanche-directory-traversal/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://forums.ivanti.com/s/article/Security-Alert-CVE-2021-30497-Directory-Traversal-Vulnerability?language=en_US" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Ivanti Avalanche (Premise) 6.3.2 allows remote unauthenticated users to read arbitrary files via Absolute Path Traversal. The imageFilePath parameter processed by the /AvalancheWeb/image endpoint is not verified to be within the scope of the image folder, e.g., the attacker can obtain sensitive information via the C:/Windows/system32/config/system.sav value." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-04-06T01:22:07", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://help.ivanti.com/wl/help/en_us/aod/5.4/Avalanche/Console/Launching_the_Avalanche.htm" }, { "tags": [ "x_refsource_MISC" ], "url": "https://ssd-disclosure.com/ssd-advisory-ivanti-avalanche-directory-traversal/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://forums.ivanti.com/s/article/Security-Alert-CVE-2021-30497-Directory-Traversal-Vulnerability?language=en_US" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-30497", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Ivanti Avalanche (Premise) 6.3.2 allows remote unauthenticated users to read arbitrary files via Absolute Path Traversal. The imageFilePath parameter processed by the /AvalancheWeb/image endpoint is not verified to be within the scope of the image folder, e.g., the attacker can obtain sensitive information via the C:/Windows/system32/config/system.sav value." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://help.ivanti.com/wl/help/en_us/aod/5.4/Avalanche/Console/Launching_the_Avalanche.htm", "refsource": "MISC", "url": "https://help.ivanti.com/wl/help/en_us/aod/5.4/Avalanche/Console/Launching_the_Avalanche.htm" }, { "name": "https://ssd-disclosure.com/ssd-advisory-ivanti-avalanche-directory-traversal/", "refsource": "MISC", "url": "https://ssd-disclosure.com/ssd-advisory-ivanti-avalanche-directory-traversal/" }, { "name": "https://forums.ivanti.com/s/article/Security-Alert-CVE-2021-30497-Directory-Traversal-Vulnerability?language=en_US", "refsource": "MISC", "url": "https://forums.ivanti.com/s/article/Security-Alert-CVE-2021-30497-Directory-Traversal-Vulnerability?language=en_US" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-30497", "datePublished": "2022-04-06T01:22:07", "dateReserved": "2021-04-11T00:00:00", "dateUpdated": "2024-08-03T22:32:41.103Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-23534
Vulnerability from cvelistv5
Published
2024-04-19 01:10
Modified
2024-08-01 23:06
Severity ?
EPSS score ?
Summary
An Unrestricted File-upload vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM.
References
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:ivanti:avalanche:6.4.3:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "avalanche", "vendor": "ivanti", "versions": [ { "lessThan": "6.4.3", "status": "affected", "version": "0", "versionType": "semver" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-23534", "options": [ { "Exploitation": "None" }, { "Automatable": "No" }, { "Technical Impact": "Total" } ], "role": "CISA Coordinator", "timestamp": "2024-04-20T04:00:09.250344Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-434", "description": "CWE-434 Unrestricted Upload of File with Dangerous Type", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:45:43.815Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T23:06:25.145Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Avalanche", "vendor": "Ivanti", "versions": [ { "lessThan": "6.4.3", "status": "affected", "version": "6.4.3", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "value": "An Unrestricted File-upload vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM. " } ], "metrics": [ { "cvssV3_0": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "providerMetadata": { "dateUpdated": "2024-04-19T01:10:11.834Z", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2024-23534", "datePublished": "2024-04-19T01:10:11.834Z", "dateReserved": "2024-01-18T01:04:07.197Z", "dateUpdated": "2024-08-01T23:06:25.145Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-24998
Vulnerability from cvelistv5
Published
2024-04-19 01:10
Modified
2024-08-01 23:36
Severity ?
EPSS score ?
Summary
A Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM.
References
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:ivanti:avalanche:6.4.3:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "avalanche", "vendor": "ivanti", "versions": [ { "status": "affected", "version": "6.4.3" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-24998", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-04-20T04:00:15.490621Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-31", "description": "CWE-31 Path Traversal: \u0027dir\\..\\..\\filename\u0027", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-07-23T18:34:00.596Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T23:36:21.396Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Avalanche", "vendor": "Ivanti", "versions": [ { "lessThan": "6.4.3", "status": "affected", "version": "6.4.3", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "value": "A Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM. " } ], "metrics": [ { "cvssV3_0": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "providerMetadata": { "dateUpdated": "2024-04-19T01:10:11.897Z", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2024-24998", "datePublished": "2024-04-19T01:10:11.897Z", "dateReserved": "2024-02-02T01:04:07.450Z", "dateUpdated": "2024-08-01T23:36:21.396Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-27975
Vulnerability from cvelistv5
Published
2024-04-19 01:10
Modified
2024-08-02 00:41
Severity ?
EPSS score ?
Summary
An Use-after-free vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM.
References
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:ivanti:avalanche:6.4.3:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "avalanche", "vendor": "ivanti", "versions": [ { "status": "affected", "version": "6.4.3" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-27975", "options": [ { "Exploitation": "None" }, { "Automatable": "No" }, { "Technical Impact": "Total" } ], "role": "CISA Coordinator", "timestamp": "2024-04-20T04:00:17.663235Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:47:33.712Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T00:41:55.949Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Avalanche", "vendor": "Ivanti", "versions": [ { "lessThan": "6.4.3", "status": "affected", "version": "6.4.3", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "value": "An Use-after-free vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM. " } ], "metrics": [ { "cvssV3_0": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "providerMetadata": { "dateUpdated": "2024-04-19T01:10:11.777Z", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2024-27975", "datePublished": "2024-04-19T01:10:11.777Z", "dateReserved": "2024-02-29T01:04:06.640Z", "dateUpdated": "2024-08-02T00:41:55.949Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-42130
Vulnerability from cvelistv5
Published
2021-12-07 13:13
Modified
2024-08-04 03:30
Severity ?
EPSS score ?
Summary
A deserialization of untrusted data vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform arbitrary code execution.
References
▼ | URL | Tags |
---|---|---|
https://forums.ivanti.com/s/article/Security-Alert-CVE-s-Addressed-in-Avalanche-6-3-3 | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Ivanti Avalanche |
Version: 6.3.3 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T03:30:37.294Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://forums.ivanti.com/s/article/Security-Alert-CVE-s-Addressed-in-Avalanche-6-3-3" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Ivanti Avalanche", "vendor": "n/a", "versions": [ { "status": "affected", "version": "6.3.3" } ] } ], "descriptions": [ { "lang": "en", "value": "A deserialization of untrusted data vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-502", "description": "Deserialization of Untrusted Data (CWE-502)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-12-07T13:13:19", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://forums.ivanti.com/s/article/Security-Alert-CVE-s-Addressed-in-Avalanche-6-3-3" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "support@hackerone.com", "ID": "CVE-2021-42130", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Ivanti Avalanche", "version": { "version_data": [ { "version_value": "6.3.3" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A deserialization of untrusted data vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Deserialization of Untrusted Data (CWE-502)" } ] } ] }, "references": { "reference_data": [ { "name": "https://forums.ivanti.com/s/article/Security-Alert-CVE-s-Addressed-in-Avalanche-6-3-3", "refsource": "MISC", "url": "https://forums.ivanti.com/s/article/Security-Alert-CVE-s-Addressed-in-Avalanche-6-3-3" } ] } } } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2021-42130", "datePublished": "2021-12-07T13:13:19", "dateReserved": "2021-10-08T00:00:00", "dateUpdated": "2024-08-04T03:30:37.294Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-24995
Vulnerability from cvelistv5
Published
2024-04-19 01:10
Modified
2024-08-01 23:36
Severity ?
EPSS score ?
Summary
A Race Condition (TOCTOU) vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM.
References
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:ivanti:avalanche:6.4.3:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "avalanche", "vendor": "ivanti", "versions": [ { "lessThan": "6.4.3", "status": "affected", "version": "0", "versionType": "semver" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-24995", "options": [ { "Exploitation": "None" }, { "Automatable": "No" }, { "Technical Impact": "Total" } ], "role": "CISA Coordinator", "timestamp": "2024-04-20T04:00:13.071413Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-367", "description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:43:05.313Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T23:36:21.380Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Avalanche", "vendor": "Ivanti", "versions": [ { "lessThan": "6.4.3", "status": "affected", "version": "6.4.3", "versionType": "semver" }