A NULL pointer dereference in WLAvalancheService in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to crash the service, resulting in a DoS.
2024-08-14T03:15:04.850
2024-08-15T17:31:49.067
Analyzed
CVSSv3.1: 7.5 (HIGH)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | ivanti | avalanche | 6.3.1 | Yes |
| Application | ivanti | avalanche | 6.3.1.1507 | Yes |
| Application | ivanti | avalanche | 6.3.2 | Yes |
| Application | ivanti | avalanche | 6.3.2 | Yes |
| Application | ivanti | avalanche | 6.3.2 | Yes |
| Application | ivanti | avalanche | 6.3.2.3490 | Yes |
| Application | ivanti | avalanche | 6.3.2.3490 | Yes |
| Application | ivanti | avalanche | 6.3.3 | Yes |
| Application | ivanti | avalanche | 6.3.3 | Yes |
| Application | ivanti | avalanche | 6.3.3.101 | Yes |
| Application | ivanti | avalanche | 6.3.3.101 | Yes |
| Application | ivanti | avalanche | 6.3.4 | Yes |
| Application | ivanti | avalanche | 6.3.4 | Yes |
| Application | ivanti | avalanche | 6.3.4.153 | Yes |
| Application | ivanti | avalanche | 6.4.0 | Yes |
| Application | ivanti | avalanche | 6.4.1 | Yes |
| Application | ivanti | avalanche | 6.4.1 | Yes |
| Application | ivanti | avalanche | 6.4.1.207 | Yes |
| Application | ivanti | avalanche | 6.4.1.236 | Yes |
| Application | ivanti | avalanche | 6.4.2 | Yes |