An issue was discovered in Ivanti Avalanche for all versions between 5.3 and 6.2. A local user with database access privileges can read the encrypted passwords for users who authenticate via LDAP to Avalanche services. These passwords are stored in the Avalanche databases. This issue only affects customers who have enabled LDAP authentication in their configuration.
Metrics
Affected Vendors & Products
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
Link | Providers |
---|---|
https://community.ivanti.com/docs/DOC-68406 |
![]() ![]() |
History
No history.

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-05T07:10:46.654Z
Reserved: 2018-03-21T00:00:00
Link: CVE-2018-8901

No data.

Status : Modified
Published: 2018-06-29T15:29:00.413
Modified: 2024-11-21T04:14:33.857
Link: CVE-2018-8901

No data.

No data.