4 matches found
CVE-2022-36973
This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the ProfileDaoImp...
CVE-2022-36973
creationtimestamp| type| source ---|---|--- 2023-03-29 22:15:53+00:00| seen| https://t.me/cibsecurity/61050...
CVE-2022-36973
This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the ProfileDaoImp...
CVE-2022-36973
This CVE (CVE-2022-36973) affects Ivanti Avalanche 6.3.2.3490. The vulnerability is a SQL injection in the ProfileDaoImpl class that can trigger crafted SQL queries composed from user-supplied strings, allowing an attacker to bypass authentication. Multiple connected sources confirm the same root...