CVE-2021-42128
published 2021-12-07CVE-2021-42128: An exposed dangerous function vulnerability exists in Ivanti Avalanche before 6.3.3 using inforail Service allows Privilege Escalation via Enterprise Server…
PriorityP259critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
4.50%
90.3th percentile
An exposed dangerous function vulnerability exists in Ivanti Avalanche before 6.3.3 using inforail Service allows Privilege Escalation via Enterprise Server Service.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ivanti | avalanche | < 6.3.3 | 6.3.3 |
Detection & IOCsextracted from sources · hover to see the quote
- →Vulnerability exists in Ivanti Avalanche before version 6.3.3 via the inforail Service, enabling privilege escalation through the Enterprise Server Service ↗
- ·No technical exploitation details, payloads, network indicators, or signatures were disclosed in the available sources. Detection engineering should focus on version identification (Ivanti Avalanche < 6.3.3) and monitoring of the inforail Service and Enterprise Server Service for anomalous privilege escalation activity. ↗
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ivanti
Ivanti Security Advisory: CVE-2021-42128
vendor_ivanti·2021-12-07·CVSS 9.8
CVE-2021-42128 [CRITICAL] CWE-749 Ivanti Security Advisory: CVE-2021-42128
Ivanti Security Advisory: CVE-2021-42128
An exposed dangerous function vulnerability exists in Ivanti Avalanche before 6.3.3 using inforail Service allows Privilege Escalation via Enterprise Server Service.
CVE IDs: CVE-2021-42128
CVSS Base Score: 9.8
Severity: CRITICAL
CWEs: CWE-749
GHSA
GHSA-mfmh-5798-r2wm: An exposed dangerous function vulnerability exists in Ivanti Avalanche before 6
ghsa_unreviewed·2021-12-08
CVE-2021-42128 [CRITICAL] CWE-269 GHSA-mfmh-5798-r2wm: An exposed dangerous function vulnerability exists in Ivanti Avalanche before 6
An exposed dangerous function vulnerability exists in Ivanti Avalanche before 6.3.3 using inforail Service allows Privilege Escalation via Enterprise Server Service.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2021-12-07
Published