all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

ZDI-24-058: Ivanti Avalanche SecureFilter allowPassThrough Authentication Bypass Vulnerability

Add to bookmarks
Jan. 11, 2024, 6 a.m. |

ZDI: Published Advisories www.zerodayinitiative.com

This vulnerability allows remote attackers to partially bypass authentication on affected installations of Ivanti Avalanche. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.3. The following CVEs are assigned: CVE-2021-22962.

attackers authentication authentication bypass avalanche bypass bypass vulnerability cve cves cvss exploit ivanti ivanti avalanche rating vulnerability zdi

Visit resource

More from www.zerodayinitiative.com / ZDI: Published Advisories

ZDI-24-427: Adobe Acrobat Reader DC AcroForm Out-Of-Bounds Read Remote Code Execution Vulnerability 1 day, 17 hours ago | www.zerodayinitiative.com
acrobat acrobat reader adobe adobe acrobat +17
ZDI-24-426: Adobe Acrobat Reader DC AcroForm Use-After-Free Information Disclosure Vulnerability 1 day, 17 hours ago | www.zerodayinitiative.com
acrobat acrobat reader adobe adobe acrobat +19
ZDI-24-425: Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability 1 day, 17 hours ago | www.zerodayinitiative.com
acrobat acrobat reader adobe adobe acrobat +18
ZDI-24-424: Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability 1 day, 17 hours ago | www.zerodayinitiative.com
acrobat acrobat reader adobe adobe acrobat +18
ZDI-24-423: Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability 1 day, 17 hours ago | www.zerodayinitiative.com
acrobat acrobat reader adobe adobe acrobat +18
ZDI-24-422: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability 1 day, 17 hours ago | www.zerodayinitiative.com
acrobat acrobat reader adobe adobe acrobat +18
ZDI-24-421: SonicWALL GMS Virtual Appliance ECMClientAuthenticator Hard-Coded Credential Authentication Bypass Vulnerability 1 day, 17 hours ago | www.zerodayinitiative.com
attackers authentication authentication bypass bypass +14
ZDI-24-420: SonicWALL GMS Virtual Appliance ECMPolicy XML External Entity Processing Information Disclosure Vulnerability 1 day, 17 hours ago | www.zerodayinitiative.com
attackers authentication can cve +19
ZDI-24-419: (Pwn2Own) Xiaomi Pro 13 GetApps integral-dialog-page Cross-Site Scripting Remote Code Execution Vulnerability 1 week ago | www.zerodayinitiative.com
arbitrary code attackers code code execution +18

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Security Engineer

@ Celonis | Munich, Germany
View on infosec-jobs.com

Security Engineer, Cloud Threat Intelligence

@ Google | Reston, VA, USA; Kirkland, WA, USA
View on infosec-jobs.com

IT Security Analyst*

@ EDAG Group | Fulda, Hessen, DE, 36037
View on infosec-jobs.com

Scrum Master/ Agile Project Manager for Information Security (Temporary)

@ Guidehouse | Lagunilla de Heredia
View on infosec-jobs.com

Waste Incident Responder (Tanker Driver)

@ Severn Trent | Derby , England, GB
View on infosec-jobs.com

Risk Vulnerability Analyst w/Clearance - Colorado

@ Rothe | Colorado Springs, CO, United States
View on infosec-jobs.com
View more jobs