Vulnerability Details CVE-2024-23531
An Integer Overflow vulnerability in WLInfoRailService component of Ivanti Avalanche before 6.4.3 allows an unauthenticated remote attacker to perform denial of service attacks. In certain rare conditions this could also lead to reading content from memory.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.05
EPSS Ranking 89.1%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2024-23531
-
cpe:2.3:a:ivanti:avalanche:-
-
cpe:2.3:a:ivanti:avalanche:4.6
-
cpe:2.3:a:ivanti:avalanche:5.3
-
cpe:2.3:a:ivanti:avalanche:5.3.1
-
cpe:2.3:a:ivanti:avalanche:6.0
-
cpe:2.3:a:ivanti:avalanche:6.1
-
cpe:2.3:a:ivanti:avalanche:6.1.103.53
-
cpe:2.3:a:ivanti:avalanche:6.1.106.337
-
cpe:2.3:a:ivanti:avalanche:6.1.106.496
-
cpe:2.3:a:ivanti:avalanche:6.2
-
cpe:2.3:a:ivanti:avalanche:6.2.0
-
cpe:2.3:a:ivanti:avalanche:6.2.0.602
-
cpe:2.3:a:ivanti:avalanche:6.2.2
-
cpe:2.3:a:ivanti:avalanche:6.2.2.197
-
cpe:2.3:a:ivanti:avalanche:6.3.1
-
cpe:2.3:a:ivanti:avalanche:6.3.1.1507
-
cpe:2.3:a:ivanti:avalanche:6.3.2
-
cpe:2.3:a:ivanti:avalanche:6.3.2.3490
-
cpe:2.3:a:ivanti:avalanche:6.3.3
-
cpe:2.3:a:ivanti:avalanche:6.3.3.101
-
cpe:2.3:a:ivanti:avalanche:6.3.4
-
cpe:2.3:a:ivanti:avalanche:6.3.4.153
-
cpe:2.3:a:ivanti:avalanche:6.4.0
-
cpe:2.3:a:ivanti:avalanche:6.4.1
-
cpe:2.3:a:ivanti:avalanche:6.4.1.207
-
cpe:2.3:a:ivanti:avalanche:6.4.1.236
-
cpe:2.3:a:ivanti:avalanche:6.4.2