CVE-2021-42128

An exposed dangerous function vulnerability exists in Ivanti Avalanche before 6.3.3 using inforail Service allows Privilege Escalation via Enterprise Server Service...

The vulnerability of the Enterprise Server Service in the Avalanche mobile device management system allows a hacker to bypass security restrictions and gain unauthorized access to protected information.

The vulnerability of the Enterprise Server Service in the Avalanche mobile device management system is related to deficiencies in authentication procedures. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and gain unauthorized access to protected information...

CVE-2021-42128

An exposed dangerous function vulnerability exists in Ivanti Avalanche before 6.3.3 using inforail Service allows Privilege Escalation via Enterprise Server Service...

CVE-2021-42128

An exposed dangerous function vulnerability exists in Ivanti Avalanche before 6.3.3 using inforail Service allows Privilege Escalation via Enterprise Server Service...

Design/Logic Flaw

An exposed dangerous function vulnerability exists in Ivanti Avalanche before 6.3.3 using inforail Service allows Privilege Escalation via Enterprise Server Service...

CVE-2021-42128

Summary: CVE-2021-42128 affects Ivanti Avalanche prior to 6.3.3, via the Enterprise Server Service. The vulnerability stems from an exposed dangerous function in the Enterprise Server Service that permits an authentication bypass, enabling privilege escalation. Multiple connected sources confirm:...

PT-2021-5424 · Ivanti · Ivanti Avalanche

Name of the Vulnerable Software and Affected Versions: Ivanti Avalanche versions prior to 6.3.3 Description: The issue is related to an exposed dangerous function in the Enterprise Server Service of Ivanti Avalanche, which can be exploited for privilege escalation. This vulnerability is associate...