CVE-2023-28126

Published: May 9, 2023Modified: Jan 29, 2025

5.9

Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 2.2 / Impact: 3.6

Source: NVD

Description

An authentication bypass vulnerability exists in Avalanche versions 6.3.x and below that could allow an attacker to gain access by exploiting the SetUser method or can exploit the Race Condition in the authentication message.

Affected (1)

Products: Ivanti: Avalanche

Ivanti

1 product

Avalanche

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Ivanti Avalanche	Up to 6.3.4.153

Related CWEs

CWE-305

Authentication Bypass by Primary Weakness

The authentication algorithm is sound, but the implemented mechanism can be bypassed as the result of a separate weakness that is primary to the authentication error.

CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a code sequence that can run concurrently with other code, and the code sequence requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence that is operating concurrently.

References (2)

https://forums.ivanti.com/s/article/ZDI-CAN-17750-Ivanti-Avalanche-EnterpriseServer-GetSettings-Exposed-Dangerous-Method-Authentication-Bypass-Vulnerability?language=en_US

Source: support@hackerone.com

Vendor Advisory

https://forums.ivanti.com/s/article/ZDI-CAN-17750-Ivanti-Avalanche-EnterpriseServer-GetSettings-Exposed-Dangerous-Method-Authentication-Bypass-Vulnerability?language=en_US

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.