CVE-2021-42126 - AskarLabs CVE Database

CVE-2021-42126

Vendor N/A

Product Ivanti Avalanche

Weakness CWE-285

Published December 7, 2021

Last update August 4, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

An improper authorization control vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform privilege escalation.

Key dates

02Disclosure timeline

December 7, 2021 CVE published

August 4, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2021-42126

Related vulnerabilities

04Related CVE

CVE-2023-41819 CVE-2023-28634 GLPI vulnerable to Privilege Escalation from Technician to Super-Admin CVE-2025-10987 YunaiV yudao-cloud HTTP Request transfer improper authorization CVE-2021-42332 ShinHer Information Co., LTD. ShinHer StudyOnline System - Improper Authorization-3 CVE-2020-26183