Home

Description

A security vulnerability within Ivanti Avalanche Manager before version 6.4.1 may allow an unauthenticated attacker to create a buffer overflow that could result in service disruption or arbitrary code execution.

PUBLISHED Reserved 2023-07-12 | Published 2025-07-12 | Updated 2026-02-26 | Assigner hackerone

Product status

Default status
unaffected

6.4.0 (custom) before 6.4.1
affected

References

forums.ivanti.com/...urity-Advisory-Avalanche-CVE-2023-38036

cve.org (CVE-2023-38036)

nvd.nist.gov (CVE-2023-38036)

Download JSON