Avalanche Security Vulnerabilities
An issue was discovered in Ivanti Avalanche for all versions between 5.3 and 6.2. A local user with database access privileges can read the encrypted passwords for users who authenticate via LDAP to Avalanche services. These passwords are stored in the Avalanche databases. This issue only affects c...
7.8CVSS
7.5AI Score
0.0004EPSS
An issue was discovered in Ivanti Avalanche for all versions between 5.3 and 6.2. The impacted products used a single shared key encryption model to encrypt data. A user with access to system databases can use the discovered key to access potentially confidential stored data, which may include Wi-F...
6.5CVSS
6.3AI Score
0.001EPSS
An issue was discovered on Spirent TestCenter and Avalanche appliance admin interface firmware. An attacker, who already has access to an SSH restricted shell, can achieve root access via shell metacharacters. The attacker can then, for example, read sensitive files such as appliance admin configur...
6.7CVSS
6.5AI Score
0.0004EPSS
Ivanti Avalanche 6.3 allows a SQL injection that is vaguely associated with the Apache HTTP Server, aka Bug 683250.
9.8CVSS
9.7AI Score
0.001EPSS
An attacker can send a specially crafted request which could lead to leakage of sensitive data or potentially a resource-based DoS attack.
9.1CVSS
9AI Score
0.006EPSS
Ivanti Avalanche (Premise) 6.3.2 allows remote unauthenticated users to read arbitrary files via Absolute Path Traversal. The imageFilePath parameter processed by the /AvalancheWeb/image endpoint is not verified to be within the scope of the image folder, e.g., the attacker can obtain sensitive inf...
7.5CVSS
7.3AI Score
0.951EPSS
An improper access control vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform a session takeover.
8.8CVSS
8.5AI Score
0.001EPSS
An unrestricted file upload vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to write dangerous files.
8.8CVSS
8.6AI Score
0.009EPSS
An improper authorization control vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform privilege escalation.
8.8CVSS
8.6AI Score
0.001EPSS
A deserialization of untrusted data vulnerability exists in Ivanti Avalanche before 6.3.3 using Inforail Service allows arbitrary code execution via Data Repository Service.
9.8CVSS
9.7AI Score
0.013EPSS
An exposed dangerous function vulnerability exists in Ivanti Avalanche before 6.3.3 using inforail Service allows Privilege Escalation via Enterprise Server Service.
9.8CVSS
9.4AI Score
0.008EPSS
A command injection vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform arbitrary command execution.
8.8CVSS
8.9AI Score
0.049EPSS
A deserialization of untrusted data vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform arbitrary code execution.
8.8CVSS
8.9AI Score
0.005EPSS
A SQL Injection vulnerability exists in Ivanti Avalance before 6.3.3 allows an attacker with access to the Inforail Service to perform privilege escalation.
8.8CVSS
9AI Score
0.012EPSS
A command Injection vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform arbitrary command execution.
8.8CVSS
8.9AI Score
0.049EPSS
An exposed dangerous function vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform an arbitrary file write.
8.1CVSS
8AI Score
0.002EPSS
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the JwtTokenUtilit...
8.8CVSS
9.3AI Score
0.039EPSS
This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490. The specific flaw exists within the ProfileDaoImpl class. A crafted request can trigger execution of SQL queries composed from a user-supplied string. An attacker can levera...
9.8CVSS
9.6AI Score
0.09EPSS
This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the ProfileDaoImpl ...
8.8CVSS
9.1AI Score
0.11EPSS
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the Web File Serve...
9.8CVSS
9.8AI Score
0.144EPSS
This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490. The specific flaw exists within the ProfileDaoImpl class. A crafted request can trigger execution of SQL queries composed from a user-supplied string. An attacker can levera...
9.8CVSS
9.6AI Score
0.09EPSS
This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490. The specific flaw exists within the GroupDaoImpl class. A crafted request can trigger execution of SQL queries composed from a user-supplied string. An attacker can leverage...
9.8CVSS
9.6AI Score
0.09EPSS
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the Certificate Ma...
9.8CVSS
9.8AI Score
0.177EPSS
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the Notification S...
9.8CVSS
9.8AI Score
0.177EPSS
This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the AvalancheDaoSup...
9.8CVSS
8.3AI Score
0.09EPSS
This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the EnterpriseServe...
8.1CVSS
8.5AI Score
0.007EPSS
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.3.101. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the DeviceLogResour...
9.8CVSS
9.3AI Score
0.093EPSS
This vulnerability allows remote attackers to read arbitrary files on affected installations of Ivanti Avalanche 6.3.3.101. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the AgentTaskHandler ...
7.5CVSS
6.5AI Score
0.011EPSS
This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SetSettings class. The issue results from the lack of authentication prior to allowing...
9.8CVSS
8.2AI Score
0.008EPSS
Ivanti Avalanche Smart Device Service Missing Authentication Local Privilege Escalation Vulnerability
7.8CVSS
7.6AI Score
0.001EPSS
Ivanti Avalanche Printer Device Service Missing Authentication Local Privilege Escalation Vulnerability
7.8CVSS
7.6AI Score
0.001EPSS
An improper authentication vulnerability exists in Avalanche version 6.3.x and below allows unauthenticated attacker to modify properties on specific port.
7.5CVSS
7.6AI Score
0.01EPSS
An improper authentication vulnerability exists in Avalanche Premise versions 6.3.x and below that could allow an attacker to gain access to the server by registering to receive messages from the server and perform an authentication bypass.
5.9CVSS
5.9AI Score
0.018EPSS
An authentication bypass vulnerability exists in Avalanche versions 6.3.x and below that could allow an attacker to gain access by exploiting the SetUser method or can exploit the Race Condition in the authentication message.
5.9CVSS
6AI Score
0.025EPSS
A path traversal vulnerability exists in Avalanche version 6.3.x and below that when exploited could result in possible information disclosure.
7.5CVSS
7.2AI Score
0.006EPSS
An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.3.x and below that could allow an attacker to achieve a remove code execution.
7.2CVSS
7AI Score
0.13EPSS
An attacker can send a specially crafted message to the Wavelink Avalanche Manager, which could result in service disruption or arbitrary code execution. Thanks to a Researcher at Tenable for finding and reporting. Fixed in version 6.4.1.
9.8CVSS
9.2AI Score
0.558EPSS
A previously generated artifact by an administrator could be accessed by an attacker. The contents of this artifact could lead to authentication bypass. Fixed in version 6.4.1.
7.5CVSS
7.1AI Score
0.018EPSS
An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.3.x and below that could allow an attacker to achieve a remove code execution. Fixed in version 6.4.1.
9.8CVSS
6.8AI Score
0.017EPSS
An unauthenticated attacker could achieve the code execution through a RemoteControl server.
9.8CVSS
8.9AI Score
0.292EPSS
An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.4.1 and below that could allow an attacker to achieve a remove code execution.
9.8CVSS
6.7AI Score
0.017EPSS
An attacker can send a specially crafted request which could lead to leakage of sensitive data or potentially a resource-based DoS attack. Fixed in version 6.4.1.
9.1CVSS
6.2AI Score
0.018EPSS
An attacker can send a specially crafted request which could lead to leakage of sensitive data or potentially a resource-based DoS attack. Fixed in version 6.4.1.
9.1CVSS
6.5AI Score
0.018EPSS
Ivanti Avalanche decodeToMap XML External Entity Processing. Fixed in version 6.4.1.236
9.8CVSS
6.5AI Score
0.05EPSS
Directory Traversal vulnerability in Ivanti Avalanche 6.3.4.153 allows a remote authenticated attacker to obtain sensitive information via the javax.faces.resource component.
6.5CVSS
5.9AI Score
0.001EPSS
Ivanti Avalanche EnterpriseServer Service Unrestricted File Upload Local Privilege Escalation Vulnerability
7.8CVSS
7.6AI Score
0.001EPSS
Ivanti Avalanche Incorrect Default Permissions allows Local Privilege Escalation Vulnerability
7.8CVSS
7.6AI Score
0.001EPSS
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
9.8CVSS
9.6AI Score
0.001EPSS
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
9.8CVSS
9.6AI Score
0.001EPSS
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
9.8CVSS
9.6AI Score
0.001EPSS