CVE-2023-46263

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Dec 19, 2023

Updated: Dec 21, 2023

CWE ID 434

Summary

CVE-2023-46263 is a vulnerability affecting Avalanche versions 6.4.1 and below. This issue permits an unauthenticated attacker to upload a dangerous file type, bypassing restrictions, leading to potential remote code execution. Successful exploitation could result in significant security risks, making it essential for users to update their systems promptly.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Ivanti Avalanche

Affected Vendors

Ivanti Software Inc.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tEvIXI
https://www.cve.org/CVERecord?id=CVE-2023-46263
https://nvd.nist.gov/vuln/detail/CVE-2023-46263

Back to Vulnerability Database