3 matches found
CVE-2022-36979
creationtimestamp| type| source ---|---|--- 2023-03-29 22:21:50+00:00| seen| Telegram/exZV7X4wzWOA65lztBo3S80JJKCKdJUS67Zi1ZOdPadh10...
CVE-2022-36979
This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...
CVE-2022-36979
CVE-2022-36979 affects Ivanti Avalanche 6.3.2.3490. The issue is a SQL injection in the AvalancheDaoSupport class that allows an attacker to bypass authentication by crafting a request that triggers SQL queries composed from user input. Descriptions in multiple sources (including ZDI-22-784 and r...