What the vulnerability does

01Description

A SQL Injection vulnerability exists in Ivanti Avalance before 6.3.3 allows an attacker with access to the Inforail Service to perform privilege escalation.

Key dates

02Disclosure timeline

December 7, 2021 CVE published
August 4, 2024 Record updated