Vulnerabilities > CVE-2021-42127 - Deserialization of Untrusted Data vulnerability in Ivanti Avalanche
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
A deserialization of untrusted data vulnerability exists in Ivanti Avalanche before 6.3.3 using Inforail Service allows arbitrary code execution via Data Repository Service.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 7 |