What the vulnerability does

01Description

A command injection vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform arbitrary command execution.

Key dates

02Disclosure timeline

December 7, 2021 CVE published
August 4, 2024 Record updated