4 matches found
Ivanti Avalanche < 6.4.5 Multiple Vulnerabilities
The version of Ivanti Avalanche running on the remote host is prior to 6.4.5. It is, therefore, is affected by multiple vulnerabilities : - A NULL pointer dereference in WLAvalancheService allows a remote unauthenticated attacker to crash the service. CVE-2024-47007 - Server-side request forgery...
CVE-2024-47008
Ivanti Avalanche prior to version 6.4.5 is affected by a Server-Side Request Forgery (SSRF) that allows remote, unauthenticated attackers to disclose sensitive information via the validateAMCWSConnection path. The CVE entry CVE-2024-47008 is rated HIGH (CVSS v3.1: 7.5) with network attack, low co...
CVE-2024-47008
Server-side request forgery in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to leak sensitive information...
CVE-2024-47008
creationtimestamp| type| source ---|---|--- 2024-10-08 05:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-24-1324/ 2024-10-08 20:24:04+00:00| seen| https://t.me/cvedetector/7388...