CVE-2023-32562: Malicious File Upload
First published: Thu Aug 10 2023(Updated: )
An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.3.x and below that could allow an attacker to achieve a remove code execution. Fixed in version 6.4.1.
Credit: support@hackerone.com support@hackerone.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ivanti Avalanche | <6.4.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2023-32562?
The severity of CVE-2023-32562 is critical with a score of 9.8.
What is the description of CVE-2023-32562?
CVE-2023-32562 is an unrestricted upload of file with dangerous type vulnerability that exists in Avalanche versions 6.3.x and below, allowing an attacker to achieve remote code execution. It has been fixed in version 6.4.1.
How can I fix CVE-2023-32562?
To fix CVE-2023-32562, you should update Avalanche to version 6.4.1 or above.
What is the affected software for CVE-2023-32562?
The affected software for CVE-2023-32562 is Ivanti Avalanche versions 6.3.x and below.
Where can I find more information about CVE-2023-32562?
You can find more information about CVE-2023-32562 in the Ivanti Avalanche Vulnerabilities Addressed in 6.4.1 article: [link](https://forums.ivanti.com/s/article/Avalanche-Vulnerabilities-Addressed-in-6-4-1?language=en_US)
- collector/nvd-api
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/ivanti
- canonical/ivanti avalanche