When you purchase through links on our site, we may earn an affiliate commission.Heres how it works.
In the accompanying security advisory Avalanche said the two flaws are tracked as CVE-2024-24996, and CVE-2024-29204.
The attacks are low in complexity and dont need any interaction on the victims side.
What is Ivanti Avalanche?
“We are not aware of any customers being exploited by these vulnerabilities prior to public disclosure.
These vulnerabilities were disclosed through our responsible disclosure program,” the company said.
The patch and necessary version information can be found onthis link.
It provides capabilities for equipment provisioning, configuration management, software distribution, remote troubleshooting, and security enforcement.
This includes tasks like deploying applications, enforcing security policies, and remotely troubleshooting issues.
ViaBleepingComputer
