Ivanti has released 27 fixes for various reported vulnerabilities in its 2024 first-quarter release. None of the vulnerabilities are being actively exploited, according to the vendor.
The company recommends users download the Avalanche installer and update to the latest version of Avalanche 6.4.3, which will, in turn, apply all the fixes listed in the update.
Each of the vulnerabilities has a CVSS score, ranging from a 4.3, a vulnerability that can allow an authenticated remote attacker to view sensitive information in memory, to a 9.8, a heap overflow vulnerability in the WLAvalancheService part of Avalanche, prior to version 6.4.3, that allows a remote attacker to execute commands without authentication.
Ivanti urges its users to ensure that their MSSQL database password is readily available because it does not store the password. Users can download the Avalanche 6.4.3 release through Ivanti, along with information on next steps to take.
- SEO Powered Content & PR Distribution. Get Amplified Today.
- PlatoData.Network Vertical Generative Ai. Empower Yourself. Access Here.
- PlatoAiStream. Web3 Intelligence. Knowledge Amplified. Access Here.
- PlatoESG. Carbon, CleanTech, Energy, Environment, Solar, Waste Management. Access Here.
- PlatoHealth. Biotech and Clinical Trials Intelligence. Access Here.
- Source: https://www.darkreading.com/vulnerabilities-threats/ivanti-releases-fixes-for-more-than-2-dozen-vulnerabilities
- :has
- :is
- :not
- 2%
- 2024
- 27
- 4
- 6
- 8
- 9
- a
- According
- actively
- All
- allow
- allows
- along
- an
- and
- Apply
- ARE
- attacker
- authenticated
- Authentication
- available
- Avalanche
- because
- being
- CAN
- company
- Database
- does
- download
- dozen
- ensure
- execute
- exploited
- fixes
- For
- from
- HTTPS
- in
- information
- IT
- ITS
- Ivanti
- jpg
- latest
- Listed
- Memory
- more
- next
- None
- of
- on
- part
- Password
- plato
- Plato Data Intelligence
- PlatoData
- Prior
- ranging
- readily
- recommends
- release
- Releases
- remote
- Reported
- score
- sensitive
- Steps
- store
- Take
- than
- that
- The
- their
- Through
- to
- TURN
- Update
- urges
- users
- various
- vendor
- version
- View
- Vulnerabilities
- vulnerability
- which
- will
- with
- without
- zephyrnet