Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 10:37 p.m.17 views

CVE-2022-36971

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

9.8CVSS7.5AI score0.14984EPSS
Exploits0
OSV
OSV
added 2023/03/29 7:15 p.m.6 views

CVE-2022-36971

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS6.2AI score0.14984EPSS
Exploits0References2
CVE
CVE
added 2023/03/29 12:0 a.m.59 views

CVE-2022-36971

Ivanti Avalanche 6.3.2.3490 is affected by CVE-2022-36971 due to deserialization of untrusted data in JwtTokenUtility, enabling remote code execution with network access and low attack complexity. Authentication is required but may be bypassed. No official patch/version is stated in the provided ...

9.8CVSS9.3AI score0.14984EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/03/29 12:0 a.m.12 views

CVE-2022-36971

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

9.8CVSS9AI score0.14984EPSS
Exploits0References2
Rows per page
Query Builder