Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-38036

A security vulnerability within Ivanti Avalanche Manager before version 6.4.1 may allow an unauthenticated attacker to create a buffer overflow that could result in service disruption or arbitrary code execution.

Published

2025-07-12T04:15:27.163

Last Modified

2025-07-17T13:45:21.650

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 9.8 (CRITICAL)

Weaknesses

Type: Secondary
CWE-120

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	ivanti	avalanche	< 6.4.1	Yes

References

https://forums.ivanti.com/s/article/Security-Advisory-Avalanche-CVE-2023-38036 Vendor Advisory ([email protected])