Lucene search
HistoryAug 10, 2023 - 8:15 p.m.
CVE-2023-32561
cve-2023-32561
vulnerability
artifact access
authentication bypass
nvd
security fix
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.1 High
AI Score
Confidence
High
0.018 Low
EPSS
Percentile
88.2%
A previously generated artifact by an administrator could be accessed by an attacker. The contents of this artifact could lead to authentication bypass. Fixed in version 6.4.1.
Affected configurations
Node
ivantiavalancheRange<6.4.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| ivanti:avalanche | ivanti avalanche | lt | 6.4.1 |
CNA Affected
[
{
"defaultStatus": "affected",
"vendor": "Ivanti",
"product": "Avalanche",
"versions": [
{
"version": "6.4.1",
"status": "unaffected",
"lessThan": "6.4.1",
"versionType": "custom"
}
]
}
]Related
prion
prion
Authentication flaw
2023-08-10 20:15:00
nvd
nvd
CVE-2023-32561
2023-08-10 20:15:10
cvelist
cvelist
CVE-2023-32561
2023-08-10 19:07:32
zdi
zdi
thn
thn
nessus
nessus
Ivanti Avalanche < 6.4.1 Multiple Vulnerabilities
2023-08-18 00:00:00
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.1 High
AI Score
Confidence
High
0.018 Low
EPSS
Percentile
88.2%
Related for CVE-2023-32561