Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-24997

Summary
Assigner-hackerone
Assigner Org ID-36234546-b8fa-4601-9d6f-f4e334aa8ea1
Published At-19 Apr, 2024 | 01:10
Updated At-01 Aug, 2024 | 23:36
Rejected At-
Credits

A Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:hackerone
Assigner Org ID:36234546-b8fa-4601-9d6f-f4e334aa8ea1
Published At:19 Apr, 2024 | 01:10
Updated At:01 Aug, 2024 | 23:36
Rejected At:
▼CVE Numbering Authority (CNA)

A Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM.

Affected Products
Vendor
Ivanti SoftwareIvanti
Product
Avalanche
Default Status
unaffected
Versions
Affected
  • From 6.4.3 before 6.4.3 (semver)
Metrics
VersionBase scoreBase severityVector
3.08.8HIGH
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Version: 3.0
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US
N/A
Hyperlink: https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Vendor
Ivanti Softwareivanti
Product
avalanche
CPEs
  • cpe:2.3:a:ivanti:avalanche:6.4.3:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 before 6.4.3 (semver)
Problem Types
TypeCWE IDDescription
CWECWE-22CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Type: CWE
CWE ID: CWE-22
Description: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
2. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US
x_transferred
Hyperlink: https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US
Resource:
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:support@hackerone.com
Published At:19 Apr, 2024 | 02:15
Updated At:06 May, 2025 | 18:22

A Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Secondary3.08.8HIGH
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.0
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CPE Matches
Ivanti Software
ivanti
>>avalanche>>Versions before 6.4.3.528(exclusive)
cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-22Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-22
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_USsupport@hackerone.com
Vendor Advisory
https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_USaf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Hyperlink: https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US
Source: support@hackerone.com
Resource:
Vendor Advisory
Hyperlink: https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

416Records found
CVE-2024-27976
Matching Score-10
Assigner-HackerOne
ShareView Details
Matching Score-10
Assigner-HackerOne
CVSS Score-8.8||HIGH
EPSS-2.77% / 85.47%
||
7 Day CHG~0.00%
Published-19 Apr, 2024 | 01:10
Updated-06 May, 2025 | 14:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM.

Action-Not Available
Vendor-Ivanti Software
Product-avalancheAvalancheavalanche
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2024-25000
Matching Score-10
Assigner-HackerOne
ShareView Details
Matching Score-10
Assigner-HackerOne
CVSS Score-8.8||HIGH
EPSS-2.77% / 85.47%
||
7 Day CHG~0.00%
Published-19 Apr, 2024 | 01:10
Updated-06 May, 2025 | 18:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM.

Action-Not Available
Vendor-Ivanti Software
Product-avalancheAvalancheavalanche
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2024-24992
Matching Score-10
Assigner-HackerOne
ShareView Details
Matching Score-10
Assigner-HackerOne
CVSS Score-8.8||HIGH
EPSS-55.89% / 98.00%
||
7 Day CHG~0.00%
Published-19 Apr, 2024 | 01:10
Updated-06 May, 2025 | 18:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM.

Action-Not Available
Vendor-Ivanti Software
Product-avalancheAvalancheavalanche
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2024-24994
Matching Score-10
Assigner-HackerOne
ShareView Details
Matching Score-10
Assigner-HackerOne
CVSS Score-8.8||HIGH
EPSS-41.99% / 97.34%
||
7 Day CHG~0.00%
Published-19 Apr, 2024 | 01:10
Updated-06 May, 2025 | 18:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM.

Action-Not Available
Vendor-Ivanti Software
Product-avalancheAvalancheavalanche
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2024-24999
Matching Score-10
Assigner-HackerOne
ShareView Details
Matching Score-10
Assigner-HackerOne
CVSS Score-8.8||HIGH
EPSS-5.24% / 89.58%
||
7 Day CHG~0.00%
Published-19 Apr, 2024 | 01:10
Updated-06 May, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM.

Action-Not Available
Vendor-Ivanti Software
Product-avalancheAvlancheavalanche
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2022-36981
Matching Score-10
Assigner-Zero Day Initiative
ShareView Details
Matching Score-10
Assigner-Zero Day Initiative
CVSS Score-8.8||HIGH
EPSS-31.60% / 96.63%
||
7 Day CHG~0.00%
Published-29 Mar, 2023 | 00:00
Updated-18 Feb, 2025 | 19:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.3.101. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the DeviceLogResource class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-15966.

Action-Not Available
Vendor-Ivanti Software
Product-avalancheAvalanche
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2024-23535
Matching Score-10
Assigner-HackerOne
ShareView Details
Matching Score-10
Assigner-HackerOne
CVSS Score-8.8||HIGH
EPSS-41.99% / 97.34%
||
7 Day CHG~0.00%
Published-19 Apr, 2024 | 01:10
Updated-06 May, 2025 | 18:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM.

Action-Not Available
Vendor-Ivanti Software
Product-avalancheAvalancheavalanche
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2024-27975
Matching Score-8
Assigner-HackerOne
ShareView Details
Matching Score-8
Assigner-HackerOne
CVSS Score-8.8||HIGH
EPSS-1.51% / 80.44%
||
7 Day CHG~0.00%
Published-19 Apr, 2024 | 01:10
Updated-06 May, 2025 | 14:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An Use-after-free vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM.

Action-Not Available
Vendor-Ivanti Software
Product-avalancheAvalancheavalanche
CWE ID-CWE-416
Use After Free
CVE-2024-24998
Matching Score-8
Assigner-HackerOne
ShareView Details
Matching Score-8
Assigner-HackerOne
CVSS Score-8.8||HIGH
EPSS-2.77% / 85.47%
||
7 Day CHG~0.00%
Published-19 Apr, 2024 | 01:10
Updated-06 May, 2025 | 18:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM.

Action-Not Available
Vendor-Ivanti Software
Product-avalancheAvalancheavalanche
CWE ID-CWE-31
Path Traversal: 'dir\..\..\filename'
CVE-2024-24995
Matching Score-8
Assigner-HackerOne
ShareView Details
Matching Score-8
Assigner-HackerOne
CVSS Score-8.8||HIGH
EPSS-2.07% / 83.19%
||
7 Day CHG~0.00%
Published-19 Apr, 2024 | 01:10
Updated-06 May, 2025 | 19:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Race Condition (TOCTOU) vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM.

Action-Not Available
Vendor-Ivanti Software
Product-avalancheAvalancheavalanche
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2024-24993
Matching Score-8
Assigner-HackerOne
ShareView Details
Matching Score-8
Assigner-HackerOne
CVSS Score-8.8||HIGH
EPSS-1.07% / 76.81%
||
7 Day CHG~0.00%
Published-19 Apr, 2024 | 01:10
Updated-06 May, 2025 | 19:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Race Condition (TOCTOU) vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM.

Action-Not Available
Vendor-Ivanti Software
Product-avalancheAvalancheavalanche
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2024-23534
Matching Score-8
Assigner-HackerOne
ShareView Details
Matching Score-8
Assigner-HackerOne
CVSS Score-8.8||HIGH
EPSS-1.95% / 82.69%
||
7 Day CHG~0.00%
Published-19 Apr, 2024 | 01:10
Updated-06 May, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An Unrestricted File-upload vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM.

Action-Not Available
Vendor-Ivanti Software
Product-avalancheAvalancheavalanche
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-21888
Matching Score-8
Assigner-HackerOne
ShareView Details
Matching Score-8
Assigner-HackerOne
CVSS Score-8.8||HIGH
EPSS-61.19% / 98.25%
||
7 Day CHG~0.00%
Published-31 Jan, 2024 | 17:51
Updated-03 Jun, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A privilege escalation vulnerability in web component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows a user to elevate privileges to that of an administrator.

Action-Not Available
Vendor-Ivanti Software
Product-policy_secureconnect_secureICSIPSpolicy_secureconnect_secure
CWE ID-CWE-269
Improper Privilege Management
CVE-2025-4428
Matching Score-8
Assigner-Ivanti
ShareView Details
Matching Score-8
Assigner-Ivanti
CVSS Score-7.2||HIGH
EPSS-30.50% / 96.54%
||
7 Day CHG+7.16%
Published-13 May, 2025 | 15:46
Updated-30 Jul, 2025 | 01:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2025-06-09||Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Remote Code Execution

Remote Code Execution in API component in Ivanti Endpoint Manager Mobile 12.5.0.0 and prior on unspecified platforms allows authenticated attackers to execute arbitrary code via crafted API requests.

Action-Not Available
Vendor-Ivanti Software
Product-endpoint_manager_mobileEndpoint Manager MobileEndpoint Manager Mobile (EPMM)
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2021-22899
Matching Score-8
Assigner-HackerOne
ShareView Details
Matching Score-8
Assigner-HackerOne
CVSS Score-8.8||HIGH
EPSS-44.95% / 97.50%
||
7 Day CHG~0.00%
Published-27 May, 2021 | 11:15
Updated-30 Jul, 2025 | 01:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2021-04-23||Apply updates per vendor instructions.

A command injection vulnerability exists in Pulse Connect Secure before 9.1R11.4 allows a remote authenticated attacker to perform remote code execution via Windows Resource Profiles Feature

Action-Not Available
Vendor-n/aIvanti Software
Product-connect_securePulse Connect SecurePulse Connect Secure
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2021-22908
Matching Score-8
Assigner-HackerOne
ShareView Details
Matching Score-8
Assigner-HackerOne
CVSS Score-8.8||HIGH
EPSS-31.77% / 96.65%
||
7 Day CHG~0.00%
Published-27 May, 2021 | 11:14
Updated-03 Aug, 2024 | 18:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in Windows File Resource Profiles in 9.X allows a remote authenticated user with privileges to browse SMB shares to execute arbitrary code as the root user. As of version 9.1R3, this permission is not enabled by default.

Action-Not Available
Vendor-n/aIvanti SoftwarePulse Secure
Product-pulse_connect_secureconnect_securePulse Connect Secure
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-22467
Matching Score-8
Assigner-Ivanti
ShareView Details
Matching Score-8
Assigner-Ivanti
CVSS Score-9.9||CRITICAL
EPSS-31.33% / 96.61%
||
7 Day CHG~0.00%
Published-11 Feb, 2025 | 15:20
Updated-20 Feb, 2025 | 15:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6 allows a remote authenticated attacker to achieve remote code execution.

Action-Not Available
Vendor-Ivanti Software
Product-connect_secureConnect Secure
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2024-9844
Matching Score-8
Assigner-Ivanti
ShareView Details
Matching Score-8
Assigner-Ivanti
CVSS Score-7.1||HIGH
EPSS-2.82% / 85.59%
||
7 Day CHG+0.40%
Published-10 Dec, 2024 | 18:46
Updated-17 Jan, 2025 | 19:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient server-side controls in Secure Application Manager of Ivanti Connect Secure before version 22.7R2.4 allows a remote authenticated attacker to bypass restrictions.

Action-Not Available
Vendor-Ivanti Software
Product-connect_secureConnect Secure
CWE ID-CWE-602
Client-Side Enforcement of Server-Side Security
CVE-2024-9420
Matching Score-8
Assigner-Ivanti
ShareView Details
Matching Score-8
Assigner-Ivanti
CVSS Score-8.8||HIGH
EPSS-28.01% / 96.29%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 15:57
Updated-13 Mar, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use-after-free in Ivanti Connect Secure before version 22.7R2.3 and 9.1R18.9 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker to achieve remote code execution

Action-Not Available
Vendor-Ivanti Software
Product-connect_securepolicy_secureConnect SecurePolicy Secureconnect_securepolicy_secure
CWE ID-CWE-416
Use After Free
CVE-2024-8322
Matching Score-8
Assigner-Ivanti
ShareView Details
Matching Score-8
Assigner-Ivanti
CVSS Score-4.3||MEDIUM
EPSS-0.62% / 69.11%
||
7 Day CHG~0.00%
Published-10 Sep, 2024 | 20:59
Updated-12 Sep, 2024 | 21:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Weak authentication in Patch Management of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker to access restricted functionality.

Action-Not Available
Vendor-Ivanti Software
Product-endpoint_managerEndpoint Manager
CWE ID-CWE-1390
Weak Authentication
CVE-2022-22572
Matching Score-8
Assigner-HackerOne
ShareView Details
Matching Score-8
Assigner-HackerOne
CVSS Score-8.8||HIGH
EPSS-24.66% / 95.92%
||
7 Day CHG~0.00%
Published-11 Apr, 2022 | 19:38
Updated-03 Aug, 2024 | 03:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A non-admin user with user management permission can escalate his privilege to admin user via password reset functionality. The vulnerability affects Incapptic Connect version < 1.40.1.

Action-Not Available
Vendor-n/aIvanti Software
Product-incapptic_connectIvanti Incapptic Connect
CVE-2021-42124
Matching Score-8
Assigner-HackerOne
ShareView Details
Matching Score-8
Assigner-HackerOne
CVSS Score-8.8||HIGH
EPSS-5.75% / 90.11%
||
7 Day CHG~0.00%
Published-07 Dec, 2021 | 13:12
Updated-04 Aug, 2024 | 03:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An improper access control vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform a session takeover.

Action-Not Available
Vendor-n/aIvanti Software
Product-avalancheIvanti Avalanche
CWE ID-CWE-284
Improper Access Control
CVE-2021-42126
Matching Score-8
Assigner-HackerOne
ShareView Details
Matching Score-8
Assigner-HackerOne
CVSS Score-8.8||HIGH
EPSS-7.60% / 91.47%
||
7 Day CHG~0.00%
Published-07 Dec, 2021 | 13:12
Updated-04 Aug, 2024 | 03:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An improper authorization control vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform privilege escalation.

Action-Not Available
Vendor-n/aIvanti Software
Product-avalancheIvanti Avalanche
CWE ID-CWE-285
Improper Authorization
CVE-2021-42132
Matching Score-8
Assigner-HackerOne
ShareView Details
Matching Score-8
Assigner-HackerOne
CVSS Score-8.8||HIGH
EPSS-51.66% / 97.81%
||
7 Day CHG~0.00%
Published-07 Dec, 2021 | 13:13
Updated-04 Aug, 2024 | 03:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A command Injection vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform arbitrary command execution.

Action-Not Available
Vendor-n/aIvanti Software
Product-avalancheIvanti Avalanche
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2021-42125
Matching Score-8
Assigner-HackerOne
ShareView Details
Matching Score-8
Assigner-HackerOne
CVSS Score-8.8||HIGH
EPSS-49.35% / 97.71%
||
7 Day CHG-1.82%
Published-07 Dec, 2021 | 13:12
Updated-04 Aug, 2024 | 03:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An unrestricted file upload vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to write dangerous files.

Action-Not Available
Vendor-n/aIvanti Software
Product-avalancheIvanti Avalance
CWE ID-CWE-502
Deserialization of Untrusted Data
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2021-42131
Matching Score-8
Assigner-HackerOne
ShareView Details
Matching Score-8
Assigner-HackerOne
CVSS Score-8.8||HIGH
EPSS-40.90% / 97.28%
||
7 Day CHG~0.00%
Published-07 Dec, 2021 | 13:13
Updated-04 Aug, 2024 | 03:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A SQL Injection vulnerability exists in Ivanti Avalance before 6.3.3 allows an attacker with access to the Inforail Service to perform privilege escalation.

Action-Not Available
Vendor-n/aIvanti Software
Product-avalancheIvanti Avalanche
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2021-42130
Matching Score-8
Assigner-HackerOne
ShareView Details
Matching Score-8
Assigner-HackerOne
CVSS Score-8.8||HIGH
EPSS-54.26% / 97.93%
||
7 Day CHG~0.00%
Published-07 Dec, 2021 | 13:13
Updated-04 Aug, 2024 | 03:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A deserialization of untrusted data vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform arbitrary code execution.

Action-Not Available
Vendor-n/aIvanti Software
Product-avalancheIvanti Avalanche
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2021-42129
Matching Score-8
Assigner-HackerOne
ShareView Details
Matching Score-8
Assigner-HackerOne
CVSS Score-8.8||HIGH
EPSS-51.66% / 97.81%
||
7 Day CHG~0.00%
Published-07 Dec, 2021 | 13:13
Updated-04 Aug, 2024 | 03:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A command injection vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform arbitrary command execution.

Action-Not Available
Vendor-n/aIvanti Software
Product-avalancheIvanti Avalanche
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2021-22894
Matching Score-8
Assigner-HackerOne
ShareView Details
Matching Score-8
Assigner-HackerOne
CVSS Score-8.8||HIGH
EPSS-49.66% / 97.73%
||
7 Day CHG~0.00%
Published-27 May, 2021 | 11:15
Updated-30 Jul, 2025 | 01:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2021-04-23||Apply updates per vendor instructions.

A buffer overflow vulnerability exists in Pulse Connect Secure before 9.1R11.4 allows a remote authenticated attacker to execute arbitrary code as the root user via maliciously crafted meeting room.

Action-Not Available
Vendor-n/aIvanti Software
Product-connect_securePulse Connect SecurePulse Connect Secure
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2019-11509
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-7.26% / 91.26%
||
7 Day CHG~0.00%
Published-03 Jun, 2019 | 19:34
Updated-04 Aug, 2024 | 22:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Pulse Secure Pulse Connect Secure (PCS) before 8.1R15.1, 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4 and Pulse Policy Secure (PPS) before 5.1R15.1, 5.2 before 5.2R12.1, 5.3 before 5.3R15.1, 5.4 before 5.4R7.1, and 9.0 before 9.0R3.2, an authenticated attacker (via the admin web interface) can exploit Incorrect Access Control to execute arbitrary code on the appliance.

Action-Not Available
Vendor-n/aIvanti SoftwarePulse Secure
Product-pulse_policy_securepolicy_secureconnect_securen/a
CVE-2024-22059
Matching Score-8
Assigner-HackerOne
ShareView Details
Matching Score-8
Assigner-HackerOne
CVSS Score-8.8||HIGH
EPSS-4.22% / 88.29%
||
7 Day CHG~0.00%
Published-31 May, 2024 | 17:38
Updated-01 Aug, 2024 | 22:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A SQL injection vulnerability in web component of Ivanti Neurons for ITSM allows a remote authenticated user to read/modify/delete information in the underlying database. This may also lead to DoS.

Action-Not Available
Vendor-Ivanti Software
Product-ITSMneurons_for_itsm
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2022-36971
Matching Score-8
Assigner-Zero Day Initiative
ShareView Details
Matching Score-8
Assigner-Zero Day Initiative
CVSS Score-9.8||CRITICAL
EPSS-19.40% / 95.16%
||
7 Day CHG~0.00%
Published-29 Mar, 2023 | 00:00
Updated-18 Feb, 2025 | 19:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the JwtTokenUtility class. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-15301.

Action-Not Available
Vendor-Ivanti Software
Product-avalancheAvalanche
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2022-36973
Matching Score-8
Assigner-Zero Day Initiative
ShareView Details
Matching Score-8
Assigner-Zero Day Initiative
CVSS Score-9.1||CRITICAL
EPSS-1.93% / 82.63%
||
7 Day CHG~0.00%
Published-29 Mar, 2023 | 00:00
Updated-18 Feb, 2025 | 19:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the ProfileDaoImpl class. A crafted request can trigger execution of SQL queries composed from a user-supplied string. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-15329.

Action-Not Available
Vendor-Ivanti Software
Product-avalancheAvalanche
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2020-13769
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-5.84% / 90.19%
||
7 Day CHG~0.00%
Published-16 Nov, 2020 | 15:28
Updated-04 Aug, 2024 | 12:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

LDMS/alert_log.aspx in Ivanti Endpoint Manager through 2020.1 allows SQL Injection via a /remotecontrolauth/api/device request.

Action-Not Available
Vendor-n/aIvanti Software
Product-endpoint_managern/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-36131
Matching Score-8
Assigner-HackerOne
ShareView Details
Matching Score-8
Assigner-HackerOne
CVSS Score-8.8||HIGH
EPSS-1.63% / 81.15%
||
7 Day CHG-1.31%
Published-07 Aug, 2024 | 03:54
Updated-21 Aug, 2024 | 18:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An insecure deserialization vulnerability in web component of EPMM prior to 12.1.0.1 allows an authenticated remote attacker to execute arbitrary commands on the underlying operating system of the appliance.

Action-Not Available
Vendor-Ivanti Software
Product-endpoint_manager_mobileEPMMendpoint_manager_mobile
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2017-11463
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.16% / 77.67%
||
7 Day CHG~0.00%
Published-11 Dec, 2017 | 06:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Ivanti Service Desk (formerly LANDESK Management Suite) versions between 2016.3 and 2017.3, an Unrestricted Direct Object Reference leads to referencing/updating objects belonging to other users. In other words, a normal user can send requests to a specific URI with the target user's username in an HTTP payload in order to retrieve a key/token and use it to access/update objects belonging to other users. Such objects could be user profiles, tickets, incidents, etc.

Action-Not Available
Vendor-n/aIvanti Software
Product-endpoint_managern/a
CVE-2024-13158
Matching Score-6
Assigner-Ivanti
ShareView Details
Matching Score-6
Assigner-Ivanti
CVSS Score-7.2||HIGH
EPSS-38.33% / 97.13%
||
7 Day CHG+12.76%
Published-14 Jan, 2025 | 17:13
Updated-12 Aug, 2025 | 15:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An unbounded resource search path in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Action-Not Available
Vendor-Ivanti Software
Product-endpoint_managerEndpoint Manager
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE ID-CWE-426
Untrusted Search Path
CVE-2024-13179
Matching Score-6
Assigner-Ivanti
ShareView Details
Matching Score-6
Assigner-Ivanti
CVSS Score-7.3||HIGH
EPSS-14.31% / 94.14%
||
7 Day CHG+5.85%
Published-14 Jan, 2025 | 16:51
Updated-16 Jan, 2025 | 21:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker to bypass authentication.

Action-Not Available
Vendor-Ivanti Software
Product-avalancheAvalanche
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE ID-CWE-288
Authentication Bypass Using an Alternate Path or Channel
CVE-2024-13180
Matching Score-6
Assigner-Ivanti
ShareView Details
Matching Score-6
Assigner-Ivanti
CVSS Score-7.5||HIGH
EPSS-5.52% / 89.87%
||
7 Day CHG+1.19%
Published-14 Jan, 2025 | 16:52
Updated-16 Jan, 2025 | 21:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker to leak sensitive information. This CVE addresses incomplete fixes from CVE-2024-47011.

Action-Not Available
Vendor-Ivanti Software
Product-avalancheAvalanche
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2024-13181
Matching Score-6
Assigner-Ivanti
ShareView Details
Matching Score-6
Assigner-Ivanti
CVSS Score-7.3||HIGH
EPSS-13.36% / 93.91%
||
7 Day CHG+5.51%
Published-14 Jan, 2025 | 16:53
Updated-16 Jan, 2025 | 21:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker to bypass authentication. This CVE addresses incomplete fixes from CVE-2024-47010.

Action-Not Available
Vendor-Ivanti Software
Product-avalancheAvalanche
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE ID-CWE-288
Authentication Bypass Using an Alternate Path or Channel
CVE-2024-11771
Matching Score-6
Assigner-Ivanti
ShareView Details
Matching Score-6
Assigner-Ivanti
CVSS Score-5.3||MEDIUM
EPSS-1.45% / 79.97%
||
7 Day CHG~0.00%
Published-11 Feb, 2025 | 15:19
Updated-14 Jul, 2025 | 17:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Path traversal in Ivanti CSA before version 5.0.5 allows a remote unauthenticated attacker to access restricted functionality.

Action-Not Available
Vendor-Ivanti Software
Product-cloud_services_applianceCloud Services Application
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2024-10811
Matching Score-6
Assigner-Ivanti
ShareView Details
Matching Score-6
Assigner-Ivanti
CVSS Score-9.8||CRITICAL
EPSS-11.26% / 93.25%
||
7 Day CHG+2.28%
Published-14 Jan, 2025 | 16:59
Updated-17 Jun, 2025 | 21:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information.

Action-Not Available
Vendor-Ivanti Software
Product-endpoint_managerEndpoint Manager
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE ID-CWE-36
Absolute Path Traversal
CVE-2021-30497
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-93.20% / 99.79%
||
7 Day CHG~0.00%
Published-06 Apr, 2022 | 01:22
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Ivanti Avalanche (Premise) 6.3.2 allows remote unauthenticated users to read arbitrary files via Absolute Path Traversal. The imageFilePath parameter processed by the /AvalancheWeb/image endpoint is not verified to be within the scope of the image folder, e.g., the attacker can obtain sensitive information via the C:/Windows/system32/config/system.sav value.

Action-Not Available
Vendor-n/aIvanti Software
Product-avalanchen/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2024-8963
Matching Score-6
Assigner-Ivanti
ShareView Details
Matching Score-6
Assigner-Ivanti
CVSS Score-9.4||CRITICAL
EPSS-94.31% / 99.94%
||
7 Day CHG~0.00%
Published-19 Sep, 2024 | 17:14
Updated-30 Jul, 2025 | 01:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2024-10-10||As Ivanti CSA has reached End-of-Life status, users are urged to remove CSA 4.6.x from service or upgrade to the 5.0.x line of supported solutions, as future vulnerabilities on the 4.6.x version of CSA are unlikely to receive security updates.

Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to access restricted functionality.

Action-Not Available
Vendor-Ivanti Software
Product-endpoint_manager_cloud_services_applianceCSA (Cloud Services Appliance)endpoint_manager_cloud_services_applianceCloud Services Appliance (CSA)
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2023-41474
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-73.34% / 98.74%
||
7 Day CHG~0.00%
Published-25 Jan, 2024 | 00:00
Updated-12 Jun, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory Traversal vulnerability in Ivanti Avalanche 6.3.4.153 allows a remote authenticated attacker to obtain sensitive information via the javax.faces.resource component.

Action-Not Available
Vendor-n/aIvanti Software
Product-avalanchen/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2021-22933
Matching Score-6
Assigner-HackerOne
ShareView Details
Matching Score-6
Assigner-HackerOne
CVSS Score-6.5||MEDIUM
EPSS-6.31% / 90.57%
||
7 Day CHG~0.00%
Published-16 Aug, 2021 | 18:38
Updated-03 Aug, 2024 | 18:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in Pulse Connect Secure before 9.1R12 could allow an authenticated administrator to perform an arbitrary file delete via a maliciously crafted web request.

Action-Not Available
Vendor-n/aIvanti SoftwarePulse Secure
Product-pulse_connect_secureconnect_securePulse Connect Secure
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2023-34298
Matching Score-6
Assigner-Zero Day Initiative
ShareView Details
Matching Score-6
Assigner-Zero Day Initiative
CVSS Score-7.8||HIGH
EPSS-0.08% / 25.49%
||
7 Day CHG~0.00%
Published-03 May, 2024 | 01:57
Updated-13 Aug, 2025 | 12:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Pulse Secure Client SetupService Directory Traversal Local Privilege Escalation Vulnerability

Pulse Secure Client SetupService Directory Traversal Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Pulse Secure Client. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within SetupService. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service. Was ZDI-CAN-17687.

Action-Not Available
Vendor-Pulse SecureIvanti Software
Product-secure_access_clientpulse_secure_installer_servicepulse_secure_desktop_clientClientclient
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2023-35081
Matching Score-6
Assigner-HackerOne
ShareView Details
Matching Score-6
Assigner-HackerOne
CVSS Score-7.2||HIGH
EPSS-93.21% / 99.79%
||
7 Day CHG~0.00%
Published-03 Aug, 2023 | 17:00
Updated-30 Jul, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-08-21||Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

A path traversal vulnerability in Ivanti EPMM versions (11.10.x < 11.10.0.3, 11.9.x < 11.9.1.2 and 11.8.x < 11.8.1.2) allows an authenticated administrator to write arbitrary files onto the appliance.

Action-Not Available
Vendor-Ivanti Software
Product-endpoint_manager_mobileEPMMEndpoint Manager Mobile (EPMM)
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2024-9381
Matching Score-6
Assigner-Ivanti
ShareView Details
Matching Score-6
Assigner-Ivanti
CVSS Score-7.2||HIGH
EPSS-9.79% / 92.66%
||
7 Day CHG~0.00%
Published-08 Oct, 2024 | 16:25
Updated-16 Oct, 2024 | 13:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Path traversal in Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to bypass restrictions.

Action-Not Available
Vendor-Ivanti Software
Product-endpoint_manager_cloud_services_applianceCSA (Cloud Services Appliance)endpoint_manager_cloud_services_appliance
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2022-36982
Matching Score-6
Assigner-Zero Day Initiative
ShareView Details
Matching Score-6
Assigner-Zero Day Initiative
CVSS Score-6.5||MEDIUM
EPSS-0.85% / 73.88%
||
7 Day CHG~0.00%
Published-29 Mar, 2023 | 00:00
Updated-18 Feb, 2025 | 19:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows remote attackers to read arbitrary files on affected installations of Ivanti Avalanche 6.3.3.101. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the AgentTaskHandler class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose stored session cookies, leading to further compromise. Was ZDI-CAN-15967.

Action-Not Available
Vendor-Ivanti Software
Product-avalancheAvalanche
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 8
  • 9
  • Next
Details not found