Description

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the JwtTokenUtility class. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-15301.

Related CPE's

a

ivanti

avalanche

Vulnerable

References

https://download.wavelink.com/Files/avalanche_v6.3.4_release_notes.txt

Release Notes

https://www.zerodayinitiative.com/advisories/ZDI-22-776/

Third Party AdvisoryVDB Entry

Weaknesses

[email protected]

Primary
CWE-502

[email protected]

Secondary
CWE-502

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.8 · High

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2023-03-29T19:15:11.897

1 year ago

Last modified

2023-04-06T12:54:25.590

1 year ago