CVE-2023-46262

Name of the Vulnerable Software and Affected Versions Ivanti Avalanche (affected versions not specified)

Description The issue is related to a Server-Side Request Forgery (SSRF) in the Ivanti Avalanche Remote Control server. An unauthenticated attacker could send a specifically crafted web request to exploit this issue. The exploitation may allow a remote attacker to gain unauthorized access to protected information. The vulnerability is also associated with a buffer overflow in the validateAMCWSConnection method of the Avalanche mobile device management system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.