2 matches found
CVE-2024-24993
A Race Condition TOCTOU vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM...
CVE-2024-24993
CVE-2024-24993 describes a TOCTOU race condition in the web component of Ivanti Avalanche prior to 6.4.3. An authenticated remote attacker could exploit this to execute arbitrary commands as SYSTEM. Public sources (NVD, Red Hat, ZDI, Nessus plugin) consistently state the vulnerability exists in t...