VYPR
Unrated severityNVD Advisory· Published May 31, 2024· Updated Sep 19, 2024

CVE-2024-29848

CVE-2024-29848

Description

An unrestricted file upload vulnerability in web component of Ivanti Avalanche before 6.4.x allows an authenticated, privileged user to execute arbitrary commands as SYSTEM.

Affected products

2
  • Ivanti/Avalanchellm-fuzzy2 versions
    <6.4+ 1 more
    • (no CPE)range: <6.4
    • (no CPE)range: 6.4.3

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.