2 matches found
CVE-2022-36974
Ivanti Avalanche 6.3.2.3490 is affected by a Web File Server deserialization vulnerability that leads to remote code execution with the service account. The issue stems from improper validation of untrusted data, allowing an attacker to bypass authentication and trigger code execution over the ne...
CVE-2022-36974
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the Web File...