CVE-2021-42125
published 2021-12-07CVE-2021-42125: An unrestricted file upload vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to write dangerous…
PriorityP274high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
81.60%
99.6th percentile
An unrestricted file upload vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to write dangerous files.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ivanti | avalanche | < 6.3.3 | 6.3.3 |
Detection & IOCsextracted from sources · hover to see the quote
- →Vulnerability class is unrestricted file upload (CWE-434) combined with deserialization (CWE-502) via the Inforail Service in Ivanti Avalanche before 6.3.3; monitor for unexpected file writes through the Inforail Service endpoint. ↗
- ·Exploitation requires the attacker to already have access to the Inforail Service; scope of exposure depends on network segmentation of that service. ↗
- ·The vulnerability is patched in Ivanti Avalanche 6.3.3 and later; versions before 6.3.3 are affected. ↗
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.06.5MEDIUMAV:N/AC:L/Au:S/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ivanti
Ivanti Security Advisory: CVE-2021-42125
vendor_ivanti·2021-12-07·CVSS 8.8
CVE-2021-42125 [HIGH] CWE-434 Ivanti Security Advisory: CVE-2021-42125
Ivanti Security Advisory: CVE-2021-42125
An unrestricted file upload vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to write dangerous files.
CVE IDs: CVE-2021-42125
CVSS Base Score: 8.8
Severity: HIGH
CWEs: CWE-434, CWE-502
GHSA
GHSA-pf9p-78xv-v5r8: An unrestricted file upload vulnerability exists in Ivanti Avalanche before 6
ghsa_unreviewed·2021-12-08
CVE-2021-42125 [HIGH] CWE-434 GHSA-pf9p-78xv-v5r8: An unrestricted file upload vulnerability exists in Ivanti Avalanche before 6
An unrestricted file upload vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to write dangerous files.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2021-12-07
Published