Vulnerabilities > Ivanti > Avalanche > 6.4.6

DATE CVE VULNERABILITY TITLE RISK
2025-01-14 CVE-2024-13179 Path Traversal vulnerability in Ivanti Avalanche
Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker to bypass authentication.
network
low complexity
ivanti CWE-22
critical
 9.8
9.8
2025-01-14 CVE-2024-13180 Path Traversal vulnerability in Ivanti Avalanche
Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker to leak sensitive information.
network
low complexity
ivanti CWE-22
7.5
7.5