3 matches found
CVE-2022-36977
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the Certificate...
CVE-2022-36977
CVE-2022-36977 affects Ivanti Avalanche 6.3.2.3490. The vulnerability lies in the Certificate Management Server service, where improper validation of untrusted input enables deserialization, allowing remote code execution in the service account context. Authentication is required but can be bypas...
CVE-2022-36977
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the Certificate...