2 matches found
Ivanti Avalanche DataRepository Service Insecure Deserialization (CVE-2021-42130)
An insecure deserialization vulnerability exists in the Ivanti Avalanche DataRepository service. The vulnerability is due to insufficient validation of serialized data sent to the DataRepository service...
CVE-2021-42130
Ivanti Avalanche CVE-2021-42130 is a deserialization of untrusted data vulnerability affecting the DataRepository service (and related Inforail access) prior to version 6.3.3. Root cause: insufficient validation of serialized data, enabling an attacker with access to the Inforail/DataRepository i...