CVE-2021-42133

High

An exposed dangerous function vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service…

hackerone·CWE-434·Published 2021-12-07

CVSS

8.1

EPSS

0.03

KEV

Exploits

cve.orgen

174 chars

An exposed dangerous function vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform an arbitrary file write.

NVDen

174 chars

An exposed dangerous function vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform an arbitrary file write.

Se presenta una vulnerabilidad de función peligrosa expuesta en Ivanti Avalanche versiones anteriores a 6.3.3, que permite a un atacante con acceso al servicio Inforail llevar a cabo una escritura de archivo arbitraria

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.5	8.0	4.9	AV:N/AC:L/Au:S/C:N/I:P/A:P
3.1	Primary	NVD	8.1	2.8	5.2	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H