Avalanche Security Vulnerabilities and Issues — Avalanche CVE List

Lucene search

IvantiAvalanche

5 matches found

CVE•added 2024/10/08 5:15 p.m.•42 views

CVE-2024-47007

A NULL pointer dereference in WLAvalancheService.exe of Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to cause a denial of service.

7.5CVSS7.2AI score0.04384EPSS

CVE•added 2024/10/08 5:15 p.m.•38 views

CVE-2024-47009

Path Traversal in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to bypass authentication.

9.8CVSS7.1AI score0.13497EPSS

CVE•added 2024/10/08 5:15 p.m.•37 views

CVE-2024-47008

Server-side request forgery in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to leak sensitive information.

7.5CVSS7AI score0.10023EPSS

CVE•added 2024/10/08 5:15 p.m.•35 views

CVE-2024-47011

Path Traversal in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to leak sensitive information

7.5CVSS6.8AI score0.10807EPSS

CVE•added 2024/10/08 5:15 p.m.•34 views

CVE-2024-47010

Path Traversal in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to bypass authentication.

9.8CVSS7.3AI score0.21977EPSS