Improper input validation in the Central Filestore in Ivanti Avalanche 6.3.1 allows a remote authenticated attacker with admin rights to achieve RCE.
2024-08-14T03:15:04.667
2024-08-15T17:31:32.407
Analyzed
CVSSv3.1: 7.2 (HIGH)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | ivanti | avalanche | 6.3.1 | Yes |
| Application | ivanti | avalanche | 6.3.1.1507 | Yes |
| Application | ivanti | avalanche | 6.3.2 | Yes |
| Application | ivanti | avalanche | 6.3.2 | Yes |
| Application | ivanti | avalanche | 6.3.2 | Yes |
| Application | ivanti | avalanche | 6.3.2.3490 | Yes |
| Application | ivanti | avalanche | 6.3.2.3490 | Yes |
| Application | ivanti | avalanche | 6.3.3 | Yes |
| Application | ivanti | avalanche | 6.3.3 | Yes |
| Application | ivanti | avalanche | 6.3.3.101 | Yes |
| Application | ivanti | avalanche | 6.3.3.101 | Yes |
| Application | ivanti | avalanche | 6.3.4 | Yes |
| Application | ivanti | avalanche | 6.3.4 | Yes |
| Application | ivanti | avalanche | 6.3.4.153 | Yes |
| Application | ivanti | avalanche | 6.4.0 | Yes |
| Application | ivanti | avalanche | 6.4.1 | Yes |
| Application | ivanti | avalanche | 6.4.1 | Yes |
| Application | ivanti | avalanche | 6.4.1.207 | Yes |
| Application | ivanti | avalanche | 6.4.1.236 | Yes |
| Application | ivanti | avalanche | 6.4.2 | Yes |