High severity7.8NVD Advisory· Published Jun 29, 2018· Updated Jun 17, 2026
CVE-2018-8901
CVE-2018-8901
Description
An issue was discovered in Ivanti Avalanche for all versions between 5.3 and 6.2. A local user with database access privileges can read the encrypted passwords for users who authenticate via LDAP to Avalanche services. These passwords are stored in the Avalanche databases. This issue only affects customers who have enabled LDAP authentication in their configuration.
Affected products
1Patches
Vulnerability mechanics
References
1- community.ivanti.com/docs/DOC-68406nvdVendor Advisory
News mentions
0No linked articles in our index yet.