{"id":1796,"date":"2025-04-26T19:35:10","date_gmt":"2025-04-26T19:35:10","guid":{"rendered":"http:\/\/localhost\/?p=1796"},"modified":"2025-04-26T19:35:10","modified_gmt":"2025-04-26T19:35:10","slug":"security-advisory-ivanti-avalanche-647-multiple-cves","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=1796","title":{"rendered":"Security Advisory Ivanti Avalanche 6.4.7 (Multiple CVEs)"},"content":{"rendered":"
\n

Vulnerability Details<\/h2>\n
\n

Basic Information<\/h3>\n\n\n\n\n\n\n
Title<\/th>\nSecurity Advisory Ivanti Avalanche 6.4.7 (Multiple CVEs)<\/td>\n<\/tr>\n
Type<\/th>\nivanti<\/td>\n<\/tr>\n
Published<\/th>\n2025-09-01T16:18:27<\/td>\n<\/tr>\n
Last Seen<\/th>\n2025-04-26T23:47:19<\/td>\n<\/tr>\n
CVSS Score<\/th>\n9.8 (CRITICAL)<\/td>\n<\/tr>\n<\/table><\/div>\n
\n

CVSS v3 Details<\/h3>\n\n\n\n\n\n\n\n\n\n
Attack Vector<\/th>\nNETWORK<\/td>\n<\/tr>\n
Attack Complexity<\/th>\nLOW<\/td>\n<\/tr>\n
Privileges Required<\/th>\nNONE<\/td>\n<\/tr>\n
User Interaction<\/th>\nNONE<\/td>\n<\/tr>\n
Scope<\/th>\nUNCHANGED<\/td>\n<\/tr>\n
Confidentiality Impact<\/th>\nHIGH<\/td>\n<\/tr>\n
Integrity Impact<\/th>\nHIGH<\/td>\n<\/tr>\n
Availability Impact<\/th>\nHIGH<\/td>\n<\/tr>\n<\/table><\/div>\n
\n

CVE Information<\/h3>\n\n\n\n\n
CVE IDs<\/th>\nCVE-2024-13179, CVE-2024-13180, CVE-2024-13181, CVE-2024-47010, CVE-2024-47011<\/td>\n<\/tr>\n
CWE<\/th>\n<\/td>\n<\/tr>\n
Bulletin Family<\/th>\nsoftware<\/td>\n<\/tr>\n<\/table><\/div>\n
\n

Description<\/h3>\n
\n Summary<\/p>\n

Ivanti has released updates for Ivanti Avalanche which addresses three high severity vulnerabilities. Successful exploitation of CVE-2024-13181 could allow a remote unauthenticated attacker to bypass authentication. CVE-2024-13180 could allow a remote unauthenticated attacker to leak sensitive information. And CVE-2024-13179 could allow a remote unauthenticated attacker to bypass authentication.<\/p>\n

We are not aware of any customers being exploited by these vulnerabilities at the time of disclosure.<\/p>\n

Vulnerability Details:<\/p>\n

CVE Number | Description | CVSS Score (Severity) | CVSS Vector | CWE
\n—|—|—|—|—
\nCVE-2024-13181 | Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker to bypass authentication. This CVE addresses incomplete fixes from CVE-2024-47010. | 7.3 (High) | CVSS:3.0\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:L\/I:L\/A:L | CWE-22, CWE-288
\nCVE-2024-13180 | Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker to leak sensitive information. This CVE addresses incomplete fixes from CVE-2024-47011. | 7.5 (High) | CVSS:3.0\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:N\/A:N | CWE-22
\nCVE-2024-13179 | Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker to bypass authentication. | 7.3 (High) | CVSS:3.0\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:L\/I:L\/A:L | CWE-22, CWE-288 <\/p>\n

Affected Versions<\/p>\n

Product Name | Affected Version(s) | Affected CPE(s) | Resolved Version(s) | Patch Availability
\n—|—|—|—|—
\nIvanti Avalanche | 6.4.6 and prior | cpe:2.3:a:ivanti:avalanche:6.4.6:*:*:*:premise:*:*:* | 6.4.7 | Download Portal <\/p>\n

Solution<\/p>\n

This release is a full product install. Perform an in-place upgrade as per the product documentation.<\/p>\n

Acknowledgements<\/p>\n

Ivanti would like to thank the following for reporting the relevant issues and for working with Ivanti to help protect our customers:<\/p>\n

* Anonymous working with Trend Micro Zero Day Initiative<\/p>\n

Note: Ivanti is dedicated to ensuring the security and integrity of our enterprise software products. We recognize the vital role that security researchers, ethical hackers, and the broader security community play in identifying and reporting vulnerabilities. Visit HERE to learn more about our Vulnerability Disclosure Policy.<\/p>\n

FAQ<\/p>\n

1. Are you aware of any active exploitation of these vulnerabilities?<\/p>\n

We are not aware of any customers being exploited by these vulnerabilities prior to public disclosure. These vulnerabilities were disclosed through our responsible disclosure program. <\/p>\n

2. How can I tell if I have been compromised?
\nCurrently, there is no known public exploitation of this vulnerability that could be used to provide a list of indicators of compromise.<\/p>\n

3. What should I do if I need help? <\/p>\n

If you have questions after reviewing this information, you can log a case and\/or request a call via the Success Portal.<\/p><\/div>\n<\/p><\/div>\n

\n

Impact Assessment<\/h3>\n\n\n\n
Base Score<\/th>\n9.8<\/td>\n<\/tr>\n
Severity<\/th>\nCRITICAL<\/td>\n<\/tr>\n<\/table><\/div>\n
\n

View full CVE details<\/a><\/p>\n<\/p><\/div>\n<\/div>\n