Page 6 of 50 results (0.030 seconds)

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Ivanti Avalanche Printer Device Service Missing Authentication Local Privilege Escalation Vulnerability Vulnerabilidad de escalada de privilegios locales sin autenticación de Ivanti Avalanche Printer Device Service This vulnerability allows local attackers to escalate privileges on affected installations of Ivanti Avalanche. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the configuration of Apache Derby, used by the Printer Device Service. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://download.wavelink.com/Files/avalanche_v6.4.1.236_release_notes.txt • CWE-306: Missing Authentication for Critical Function •

CVSS: 9.8EPSS: 67%CPEs: 1EXPL: 2

An attacker can send a specially crafted message to the Wavelink Avalanche Manager, which could result in service disruption or arbitrary code execution. Thanks to a Researcher at Tenable for finding and reporting. Fixed in version 6.4.1. Ivanti Avalanche versions prior to 6.4.0.0 suffer from a remote code execution vulnerability. • https://www.exploit-db.com/exploits/51699 https://github.com/x0rb3l/CVE-2023-32560 http://packetstormsecurity.com/files/174459/Ivanti-Avalance-Remote-Code-Execution.html http://packetstormsecurity.com/files/174698/Ivanti-Avalanche-MDM-Buffer-Overflow.html https://forums.ivanti.com/s/article/Avalanche-Vulnerabilities-Addressed-in-6-4-1?language=en_US https://www.tenable.com/security/research/tra-2023-27 https://forums.ivanti.com/s/article/Avalanche-Vulnerabilities-Addressed-in-6-4-1 • CWE-787: Out-of-bounds Write •

CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0

A previously generated artifact by an administrator could be accessed by an attacker. The contents of this artifact could lead to authentication bypass. Fixed in version 6.4.1. This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dumpHeap method. • https://forums.ivanti.com/s/article/Avalanche-Vulnerabilities-Addressed-in-6-4-1?language=en_US •

CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0

An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.3.x and below that could allow an attacker to achieve a remove code execution. Fixed in version 6.4.1. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche. Authentication is required to exploit this vulnerability. The specific flaw exists within the FileStoreConfig endpoint. The issue results from the lack of proper validation of user-supplied data, which can allow the upload of arbitrary files. • https://forums.ivanti.com/s/article/Avalanche-Vulnerabilities-Addressed-in-6-4-1?language=en_US • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 9.8EPSS: 39%CPEs: 1EXPL: 0

An unauthenticated attacker could achieve the code execution through a RemoteControl server. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche. Authentication is not required to exploit this vulnerability. The specific flaw exists within the updateSkin method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. • https://forums.ivanti.com/s/article/Avalanche-Vulnerabilities-Addressed-in-6-4-1?language=en_US https://twitter.com/wvuuuuuuuuuuuuu/status/1694956245742923939 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •