Ivanti: >> Avalanche >> 6.4.3.528 Security Vulnerabilities
An infinite loop in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to cause a denial of service.
CVSS Score
7.5
EPSS Score
0.032
Published
2024-11-12
Path Traversal in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to bypass authentication.
CVSS Score
7.3
EPSS Score
0.012
Published
2024-10-08
Path Traversal in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to leak sensitive information
CVSS Score
7.5
EPSS Score
0.4
Published
2024-10-08
A NULL pointer dereference in WLAvalancheService.exe of Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to cause a denial of service.
CVSS Score
7.5
EPSS Score
0.038
Published
2024-10-08
Server-side request forgery in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to leak sensitive information.
CVSS Score
7.5
EPSS Score
0.431
Published
2024-10-08
Path Traversal in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to bypass authentication.
CVSS Score
7.3
EPSS Score
0.004
Published
2024-10-08
An unrestricted file upload vulnerability in web component of Ivanti Avalanche before 6.4.x allows an authenticated, privileged user to execute arbitrary commands as SYSTEM.
CVSS Score
7.2
EPSS Score
0.307
Published
2024-05-31
Page 2