CVE-2021-42125

CVE-2021-42125

Vendor N/A
Product Ivanti Avalance
Weakness CWE-502 · Unsafe deserialization
Published December 7, 2021
Last update August 4, 2024

CVSS base score

What the vulnerability does

01Description

An unrestricted file upload vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to write dangerous files.

Key dates

02Disclosure timeline

December 7, 2021 CVE published
August 4, 2024 Record updated