Lucene search
HackeroneCVELIST:CVE-2023-46266HistoryDec 19, 2023 - 3:43 p.m.
CVE-2023-46266
2023-12-1915:43:26
hackerone
www.cve.org
3
attacker threat data risk
CVSS3
7.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
AI Score
9.3
Confidence
High
EPSS
0.006
Percentile
77.9%
An attacker can send a specially crafted request which could lead to leakage of sensitive data or potentially a resource-based DoS attack.
CNA Affected
[
{
"defaultStatus": "unaffected",
"vendor": "Ivanti",
"product": "Avalanche",
"versions": [
{
"version": "6.4.1",
"status": "affected",
"lessThanOrEqual": "6.4.1",
"versionType": "semver"
}
]
}
]Related
nvd
nvd
CVE-2023-46266
2023-12-19 16:15:11
cve
cve
CVE-2023-46266
2023-12-19 16:15:11
prion
prion
Design/Logic Flaw
2023-12-19 16:15:00
zdi
zdi
nessus
nessus
Ivanti Avalanche < 6.4.2 Multiple Vulnerabilities
2024-02-09 00:00:00
CVSS3
7.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
AI Score
9.3
Confidence
High
EPSS
0.006
Percentile
77.9%
Related for CVELIST:CVE-2023-46266