PT-2023-5493 · Ivanti · Ivanti Avalanche

Published: 2023-08-10 · Updated: 2023-08-16 · CVE-2023-32561

CVSS v2.0: 10 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Ivanti Avalanche versions prior to 6.4.1

Description

An artifact previously generated by an administrator could be accessed by an attacker, potentially leading to authentication bypass. The vulnerability is related to errors in the authentication procedure of the Ivanti Avalanche mobile device management system. Exploitation of this issue could allow a remote attacker to elevate their privileges.

Recommendations

For versions prior to 6.4.1, update to version 6.4.1 to resolve the issue. As a temporary workaround, consider restricting access to the dumpHeap method to minimize the risk of exploitation.

Fix

Improper Authentication

Information Disclosure


Weakness Enumeration

Related Identifiers

BDU:2023-06139
CVE-2023-32561
ZDI-23-1116

Affected Products

Ivanti Avalanche