exploitDog

CVE-2023-38036

Опубликовано: 12 июл. 2025

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

A security vulnerability within Ivanti Avalanche Manager before version 6.4.1 may allow an unauthenticated attacker to create a buffer overflow that could result in service disruption or arbitrary code execution.

Ссылки

https://forums.ivanti.com/s/article/Security-Advisory-Avalanche-CVE-2023-38036
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*

Версия до 6.4.1 (исключая)

EPSS

Процентиль: 83%

0.02033

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-120

Связанные уязвимости

GHSA-rmcg-3298-c99g

CVSS3: 9.8

github

7 месяцев назад

A security vulnerability within Ivanti Avalanche Manager before version 6.4.1 may allow an unauthenticated attacker to create a buffer overflow that could result in service disruption or arbitrary code execution.

EPSS

Процентиль: 83%

0.02033

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-120