Vulnerabilities > Ivanti > Avalanche > 6.3.3

DATE CVE VULNERABILITY TITLE RISK
2023-03-29 CVE-2022-36974 Unspecified vulnerability in Ivanti Avalanche 6.3.2.3490/6.3.3/6.3.3.101
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.2.3490.
network
low complexity
ivanti
critical
 9.8
9.8
2023-03-29 CVE-2022-36975 Unspecified vulnerability in Ivanti Avalanche 6.3.2.3490/6.3.3/6.3.3.101
This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490.
network
low complexity
ivanti
critical
 9.8
9.8
2023-03-29 CVE-2022-36976 Unspecified vulnerability in Ivanti Avalanche 6.3.2.3490/6.3.3/6.3.3.101
This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490.
network
low complexity
ivanti
critical
 9.8
9.8
2023-03-29 CVE-2022-36977 Unspecified vulnerability in Ivanti Avalanche 6.3.2.3490/6.3.3/6.3.3.101
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.2.3490.
network
low complexity
ivanti
critical
 9.8
9.8
2023-03-29 CVE-2022-36978 Unspecified vulnerability in Ivanti Avalanche 6.3.2.3490/6.3.3/6.3.3.101
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.2.3490.
network
low complexity
ivanti
critical
 9.8
9.8
2023-03-29 CVE-2022-36979 Unspecified vulnerability in Ivanti Avalanche 6.3.2.3490/6.3.3/6.3.3.101
This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490.
network
low complexity
ivanti
critical
 9.8
9.8
2023-03-29 CVE-2022-36980 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Ivanti Avalanche 6.3.2.3490/6.3.3/6.3.3.101
This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490.
network
high complexity
ivanti CWE-367
8.1
8.1
2023-03-10 CVE-2022-44574 Improper Authentication vulnerability in Ivanti Avalanche
An improper authentication vulnerability exists in Avalanche version 6.3.x and below allows unauthenticated attacker to modify properties on specific port.
network
low complexity
ivanti CWE-287
7.5
7.5