What the vulnerability does
01Description
An infinite loop in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to cause a denial of service.
CVSS base score
7.5/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Key dates
02Disclosure timeline
November 12, 2024
CVE published
November 12, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2024-53980 Spoofed length byte traps CC2538 in endless loop
CVE-2022-0711
CVE-2026-10028 Glib-networking: infinite loop in glib-networking gnutls backend allows remote denial of service via circular certificate chain
CVE-2023-42814 Denial of service from malicious image manifest in kyverno
CVE-2021-37621 Denial of service due to infinite loop in Image::printIFDStructure
