SQL Injection Vulnerability in Ivanti Avalanche Allows Privilege Escalation

SQL Injection Vulnerability in Ivanti Avalanche Allows Privilege Escalation

CVE-2021-42131 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

A SQL Injection vulnerability exists in Ivanti Avalance before 6.3.3 allows an attacker with access to the Inforail Service to perform privilege escalation.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.