Lucene search
HackeroneCVE-2023-46223HistoryDec 19, 2023 - 4:15 p.m.
CVE-2023-46223
2023-12-1916:15:09
CWE-787
CWE-121
hackerone
web.nvd.nist.gov
12
cve-2023-46223
mobile device server
memory corruption
dos
code execution
nvd
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.6
Confidence
High
EPSS
0.008
Percentile
82.5%
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
Affected configurations
Node
ivantiavalancheRange<6.4.2premise
microsoftwindowsMatch-
CNA Affected
[
{
"defaultStatus": "affected",
"vendor": "Ivanti",
"product": "Avalanche",
"versions": [
{
"version": "6.4.1",
"status": "unaffected",
"lessThanOrEqual": "6.4.1",
"versionType": "semver"
}
]
}
]Related
zdi
zdi
prion
prion
Memory corruption
2023-12-19 16:15:00
cvelist
cvelist
CVE-2023-46223
2023-12-19 15:43:26
nvd
nvd
CVE-2023-46223
2023-12-19 16:15:09
vulnrichment
vulnrichment
CVE-2023-46223
2023-12-19 15:43:26
nessus
nessus
Ivanti Avalanche < 6.4.2 Multiple Vulnerabilities
2024-02-09 00:00:00
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.6
Confidence
High
EPSS
0.008
Percentile
82.5%
Related for CVE-2023-46223