Lucene search
HistoryDec 19, 2023 - 4:15 p.m.
CVE-2023-46261
cve-2023-46261
mobile device server
memory corruption
dos
code execution
nvd
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.6 High
AI Score
Confidence
High
0.008 Low
EPSS
Percentile
82.1%
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
Affected configurations
Node
ivantiavalancheRange<6.4.2premise
microsoftwindowsMatch-
| CPE | Name | Operator | Version |
|---|---|---|---|
| ivanti:avalanche | ivanti avalanche | lt | 6.4.2 |
CNA Affected
[
{
"defaultStatus": "unaffected",
"vendor": "Ivanti",
"product": "Avalanche",
"versions": [
{
"version": "6.4.1",
"status": "affected",
"lessThanOrEqual": "6.4.1",
"versionType": "semver"
}
]
}
]Related
prion
prion
Memory corruption
2023-12-19 16:15:00
zdi
zdi
cvelist
cvelist
CVE-2023-46261
2023-12-19 15:43:26
nvd
nvd
CVE-2023-46261
2023-12-19 16:15:11
nessus
nessus
Ivanti Avalanche < 6.4.2 Multiple Vulnerabilities
2024-02-09 00:00:00
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.6 High
AI Score
Confidence
High
0.008 Low
EPSS
Percentile
82.1%
Related for CVE-2023-46261