Lucene search
HackeroneCVE-2023-46224HistoryDec 19, 2023 - 4:15 p.m.
CVE-2023-46224
2023-12-1916:15:10
CWE-787
hackerone
web.nvd.nist.gov
17
cve-2023-46224
mobile device server
memory corruption
dos
code execution
nvd
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.6
Confidence
High
EPSS
0.009
Percentile
82.7%
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
Affected configurations
Node
microsoftwindowsMatch-
ivantiavalancheRange<6.4.2premise
CNA Affected
[
{
"defaultStatus": "unaffected",
"vendor": "Ivanti",
"product": "Avalanche",
"versions": [
{
"version": "6.4.1",
"status": "affected",
"lessThanOrEqual": "6.4.1",
"versionType": "semver"
}
]
}
]Related
cvelist
cvelist
CVE-2023-46224
2023-12-19 15:43:26
vulnrichment
vulnrichment
CVE-2023-46224
2023-12-19 15:43:26
zdi
zdi
nvd
nvd
CVE-2023-46224
2023-12-19 16:15:10
prion
prion
Memory corruption
2023-12-19 16:15:00
nessus
nessus
Ivanti Avalanche < 6.4.2 Multiple Vulnerabilities
2024-02-09 00:00:00
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.6
Confidence
High
EPSS
0.009
Percentile
82.7%
Related for CVE-2023-46224