Authentication Bypass Vulnerability in Avalanche Versions 6.3.x and Below

Authentication Bypass Vulnerability in Avalanche Versions 6.3.x and Below

CVE-2023-28126 · MEDIUM Severity

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

An authentication bypass vulnerability exists in Avalanche versions 6.3.x and below that could allow an attacker to gain access by exploiting the SetUser method or can exploit the Race Condition in the authentication message.

Learn more about our User Device Pen Test.