A deserialization of untrusted data vulnerability exists...
High severity
Unreviewed
Published
Dec 8, 2021
to the GitHub Advisory Database
•
Updated Feb 1, 2023
Description
Published by the National Vulnerability Database
Dec 7, 2021
Published to the GitHub Advisory Database
Dec 8, 2021
Last updated
Feb 1, 2023
A deserialization of untrusted data vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform arbitrary code execution.
References