CVE-2023-32564

Опубликовано: 10 авг. 2023

Источник: nvd

CVSS3: 6.8

CVSS3: 9.8

EPSS Средний

Описание

An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.4.1 and below that could allow an attacker to achieve a remove code execution.

Ссылки

https://forums.ivanti.com/s/article/Avalanche-Vulnerabilities-Addressed-in-6-4-1?language=en_US
Vendor Advisory
https://forums.ivanti.com/s/article/Avalanche-Vulnerabilities-Addressed-in-6-4-1?language=en_US
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*

Версия до 6.4.1 (исключая)

EPSS

Процентиль: 96%

0.27344

Средний

6.8 Medium

CVSS3

9.8 Critical

CVSS3

Дефекты

CWE-434

Связанные уязвимости

GHSA-pxwm-4jgh-gv2g

CVSS3: 6.8

github

больше 2 лет назад

An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.4.1 and below that could allow an attacker to achieve a remove code execution.

EPSS

Процентиль: 96%

0.27344

Средний

6.8 Medium

CVSS3

9.8 Critical

CVSS3

Дефекты

CWE-434