A Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM.
References
Configurations
No configuration.
History
21 Nov 2024, 08:57
Type | Values Removed | Values Added |
---|---|---|
References | () https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US - |
03 Jul 2024, 01:47
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-22 |
19 Apr 2024, 13:10
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
19 Apr 2024, 02:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-04-19 02:15
Updated : 2024-11-21 08:57
NVD link : CVE-2024-23535
Mitre link : CVE-2024-23535
CVE.ORG link : CVE-2024-23535
JSON object : View
Products Affected
No product.
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')