CVE-2018-8901

An issue was discovered in Ivanti Avalanche for all versions between 5.3 and 6.2. A local user with database access privileges can read the encrypted passwords for users who authenticate via LDAP to Avalanche services. These passwords are stored in the Avalanche databases. This issue only affects customers who have enabled LDAP authentication in their configuration.
References
Link Resource
https://community.ivanti.com/docs/DOC-68406 Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2018-06-29 15:29

Updated : 2024-02-28 16:25


NVD link : CVE-2018-8901

Mitre link : CVE-2018-8901

CVE.ORG link : CVE-2018-8901


JSON object : View

Products Affected

ivanti

  • avalanche