Command Injection Vulnerability in Ivanti Avalanche before 6.3.3 Allows Arbitrary Command Execution

Command Injection Vulnerability in Ivanti Avalanche before 6.3.3 Allows Arbitrary Command Execution

CVE-2021-42132 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

A command Injection vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform arbitrary command execution.

Learn more about our Web Application Penetration Testing UK.