Lucene search

K
cveHackeroneCVE-2022-43555
HistoryNov 03, 2023 - 8:15 p.m.

CVE-2022-43555

2023-11-0320:15:08
CWE-306
hackerone
web.nvd.nist.gov
21
ivanti
avalanche
printer
device
service
missing authentication
local privilege escalation
vulnerability
nvd

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.002

Percentile

56.4%

Ivanti Avalanche Printer Device Service Missing Authentication Local Privilege Escalation Vulnerability

Affected configurations

Nvd
Vulners
Node
ivantiavalancheRange<6.4.1.236premise
VendorProductVersionCPE
ivantiavalanche*cpe:2.3:a:ivanti:avalanche:*:*:*:*:premise:*:*:*

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "vendor": "Ivanti",
    "product": "Avalanche",
    "versions": [
      {
        "version": "6.4.1.236",
        "status": "affected",
        "lessThan": "6.4.1.236",
        "versionType": "semver"
      }
    ]
  }
]

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.002

Percentile

56.4%

Related for CVE-2022-43555