3 matches found
CVE-2022-36978
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the Notification...
CVE-2022-36978
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the Notification...
CVE-2022-36978
Ivanti Avalanche 6.3.2.3490 is affected. The vulnerability resides in the Notification Server service and stems from improper validation of user-supplied data, leading to deserialization of untrusted data and remote code execution in the service account context. Authentication is required to expl...