CVE-2024-50319

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Nov 12, 2024

Updated: Nov 13, 2024

CWE ID 835

Summary

CVE-2024-50319 is a newly disclosed vulnerability affecting Ivanti Avalanche prior to version 6.4.6. An attacker can exploit this issue through remote means to trigger an infinite loop, resulting in a denial of service (DoS) condition. This vulnerability could potentially impact the availability and functionality of impacted Ivanti Avalanche instances. Ivanti urges users to promptly update their software to mitigate this risk. The infinite loop, unchecked in the affected software, allows an attacker to cause significant disruption without requiring authentication.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

Ivanti Avalanche

Affected Vendors

Ivanti Software Inc.

Advisories, Assessments, and Mitigations

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Stimmen aus Moskau: Russian Influence Operations Target German Elections

2024 Malicious Infrastructure Report

2024 Annual Report

Know What Matters

For Customers

For Partners