Lucene search
K

4 matches found

OSV
OSV
added 2023/03/29 7:15 p.m.5 views

CVE-2022-36979

This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

9.8CVSS5.9AI score0.06534EPSS
Exploits0References2
NVD
NVD
added 2023/03/29 7:15 p.m.13 views

CVE-2022-36979

This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

9.8CVSS8.4AI score0.06534EPSS
Exploits0References2
Prion
Prion
added 2023/03/29 7:15 p.m.13 views

Authentication flaw

This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

7.5CVSS9.6AI score0.06534EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2023/03/29 12:0 a.m.48 views

CVE-2022-36979

CVE-2022-36979 affects Ivanti Avalanche 6.3.2.3490. The issue is a SQL injection in the AvalancheDaoSupport class that allows an attacker to bypass authentication by crafting a request that triggers SQL queries composed from user input. Descriptions in multiple sources (including ZDI-22-784 and r...

9.8CVSS8.3AI score0.06534EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder