Shodan
Vulnerabilities
Vulnerable Software
Ivanti:  >> Avalanche  >> 6.1.106.337  Security Vulnerabilities
CVE-2023-46222
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
CVSS Score
9.8
EPSS Score
0.019
Published
2023-12-19
CVE-2023-46223
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
CVSS Score
9.8
EPSS Score
0.032
Published
2023-12-19
CVE-2023-41727
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
CVSS Score
9.8
EPSS Score
0.019
Published
2023-12-19
CVE-2021-22962
An attacker can send a specially crafted request which could lead to leakage of sensitive data or potentially a resource-based DoS attack.
CVSS Score
7.3
EPSS Score
0.278
Published
2023-12-19
CVE-2023-41725
Ivanti Avalanche EnterpriseServer Service Unrestricted File Upload Local Privilege Escalation Vulnerability
CVSS Score
7.8
EPSS Score
0.002
Published
2023-11-03
CVE-2023-41726
Ivanti Avalanche Incorrect Default Permissions allows Local Privilege Escalation Vulnerability
CVSS Score
7.8
EPSS Score
0.001
Published
2023-11-03
CVE-2022-43554
Ivanti Avalanche Smart Device Service Missing Authentication Local Privilege Escalation Vulnerability
CVSS Score
7.8
EPSS Score
0.001
Published
2023-11-03
CVE-2022-43555
Ivanti Avalanche Printer Device Service Missing Authentication Local Privilege Escalation Vulnerability
CVSS Score
7.8
EPSS Score
0.001
Published
2023-11-03
CVE-2023-32560
An attacker can send a specially crafted message to the Wavelink Avalanche Manager, which could result in service disruption or arbitrary code execution. Thanks to a Researcher at Tenable for finding and reporting. Fixed in version 6.4.1.
CVSS Score
8.8
EPSS Score
0.919
Published
2023-08-10
CVE-2023-32561
A previously generated artifact by an administrator could be accessed by an attacker. The contents of this artifact could lead to authentication bypass. Fixed in version 6.4.1.
CVSS Score
7.1
EPSS Score
0.001
Published
2023-08-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved