CVERadar

CVE-2024-38653

Severity: High
Vendor: Ivanti
SVRS: 68/100
CVSSv3: 7.5/10
EPSS: 0.87334/1

CVE-2024-38653 is an XXE (XML External Entity) vulnerability in Ivanti Avalanche that allows attackers to read sensitive files. It affects versions up to 6.3.1, potentially exposing confidential data. The vulnerability resides in the SmartDeviceServer component and can be exploited by an unauthenticated, remote attacker. With an SVRS score of 68 it is not rated critical, but it is a significant risk that requires close monitoring and mitigation planning: remote file read access could lead to further compromise of the system. Because the vulnerability is already tagged "In The Wild", appropriate security measures should be applied promptly to prevent potential data breaches and system compromise.

Tags: In The Wild
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Dates: 2024-08-14, 2024-08-15

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE


News

Multiple serious security vulnerabilities in Ivanti products - updates available
CERT.at, 2025-04-01
Multiple serious security vulnerabilities in Ivanti products - updates available | Ivanti has released updates for serious security vulnerabilities in several of its products. The following products are affected by the now-fixed vulnerabilities: Ivanti Avalanche Several fixed vulnerabilities affect Ivanti Avalanche - CVE-2024-38652, CVE-2024-38653, CVE-2024-36136, CVE
Tags: cert.at, rss, forum, news
ZDI-24-1150: Ivanti Avalanche decodeToMap XML External Entity Processing Information Disclosure Vulnerability
2024-08-15
ZDI-24-1150: Ivanti Avalanche decodeToMap XML External Entity Processing Information Disclosure Vulnerability | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Ivanti Avalanche. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.2. The following CVEs are assigned: CVE-2024-38653.
Tags: cve-2024-38653, cves, avalanche, xml

Social Media

Ivanti Avalanche XXE vulnerability CVE-2024-38653 fixed: PoC also provided https://t.co/RVDu5DCyA3 #Avalanche #CyberAttack #Exploit #Ivanti #MobileManagement #PoCExploit #Vulnerability #XMLExternalEntity #XXE
Ivanti Avalanche is vulnerable to an XXE flaw identified as CVE-2024-38653, leading to the release of PoC exploits that do not require authentication. Details: https://t.co/TCLx2vNrmj #cybersecurity #infosec #infosecurity
PoC Exploit Releases for Unauthenticated XXE Flaw CVE-2024-38653 in Ivanti Avalanche Explore the technical details and exploits of CVE-2024-38653, a high-severity vulnerability in #Ivanti #Avalanche affecting multiple versions. https://t.co/X1A0AVKtm9
CVE-2024-38653 XXE in SmartDeviceServer in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to read arbitrary files on the server. https://t.co/TlJSkmtrOl

Affected Software

Configuration 1
Type    Vendor    Product
App     Ivanti    avalanche

References

Reference link: https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Avalanche-6-4-4-CVE-2024-38652-CVE-2024-38653-CVE-2024-36136-CVE-2024-37399-CVE-2024-37373

CWE Details

CWE ID: CWE-611
CWE Name: Improper Restriction of XML External Entity Reference
Description: The software processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.
