CVE-2023-32561
published 2023-08-10CVE-2023-32561: A previously generated artifact by an administrator could be accessed by an attacker. The contents of this artifact could lead to authentication bypass. Fixed…
PriorityP349high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
EPSS
2.23%
80.6th percentile
A previously generated artifact by an administrator could be accessed by an attacker. The contents of this artifact could lead to authentication bypass. Fixed in version 6.4.1.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ivanti | avalanche | < 6.4.1 | 6.4.1 |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvdv3.07.1HIGHCVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ivanti
Ivanti Security Advisory: CVE-2023-32561
vendor_ivanti·2023-08-10·CVSS 7.5
CVE-2023-32561 [HIGH] CWE-200 Ivanti Security Advisory: CVE-2023-32561
Ivanti Security Advisory: CVE-2023-32561
A previously generated artifact by an administrator could be accessed by an attacker. The contents of this artifact could lead to authentication bypass. Fixed in version 6.4.1.
CVE IDs: CVE-2023-32561
CVSS Base Score: 7.5
Severity: HIGH
CWEs: CWE-200
GHSA
GHSA-phr8-gxv9-j9vc: A previously generated artifact by an administrator could be accessed by an attacker
ghsa_unreviewed·2023-08-10
CVE-2023-32561 [HIGH] CWE-200 GHSA-phr8-gxv9-j9vc: A previously generated artifact by an administrator could be accessed by an attacker
A previously generated artifact by an administrator could be accessed by an attacker. The contents of this artifact could lead to authentication bypass. Fixed in version 6.4.1.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2023-08-10
Published