Vulnerabilities > CVE-2024-47008 - Server-Side Request Forgery (SSRF) vulnerability in Ivanti Avalanche

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
network
low complexity
ivanti
CWE-918

Summary

Server-side request forgery in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to leak sensitive information.

Common Weakness Enumeration (CWE)