Lucene search
K

5 matches found

NVD
NVD
added 2023/03/29 7:15 p.m.18 views

CVE-2022-36971

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

9.8CVSS9.4AI score0.14984EPSS
Exploits0References2
OSV
OSV
added 2023/03/29 7:15 p.m.5 views

CVE-2022-36971

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS6.2AI score0.14984EPSS
Exploits0References2
Prion
Prion
added 2023/03/29 7:15 p.m.19 views

Deserialization of untrusted data

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

6.5CVSS9AI score0.14984EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/03/29 12:0 a.m.22 views

CVE-2022-36971

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

9.8CVSS9.1AI score0.14984EPSS
Exploits0References2
CVE
CVE
added 2023/03/29 12:0 a.m.58 views

CVE-2022-36971

Ivanti Avalanche 6.3.2.3490 is affected by CVE-2022-36971 due to deserialization of untrusted data in JwtTokenUtility, enabling remote code execution with network access and low attack complexity. Authentication is required but may be bypassed. No official patch/version is stated in the provided ...

9.8CVSS9.3AI score0.14984EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder