Lucene search
+L

4 matches found

NVD
NVD
added 2023/03/29 7:15 p.m.15 views

CVE-2022-36973

This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the ProfileDaoImp...

9.1CVSS9.1AI score0.06015EPSS
Exploits0References2
Prion
Prion
added 2023/03/29 7:15 p.m.15 views

Authentication flaw

This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the ProfileDaoImp...

6.5CVSS8.9AI score0.06015EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/03/29 12:0 a.m.21 views

CVE-2022-36973

This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the ProfileDaoImp...

9.1CVSS9.2AI score0.06015EPSS
Exploits0References2
CVE
CVE
added 2023/03/29 12:0 a.m.61 views

CVE-2022-36973

This CVE (CVE-2022-36973) affects Ivanti Avalanche 6.3.2.3490. The vulnerability is a SQL injection in the ProfileDaoImpl class that can trigger crafted SQL queries composed from user-supplied strings, allowing an attacker to bypass authentication. Multiple connected sources confirm the same root...

9.1CVSS9.1AI score0.06015EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder