HTTP Sensitive Data Leakage & DoS via Crafted Request, fixed in 6.4.1
CVE-2023-32566 Published on August 10, 2023

An attacker can send a specially crafted request which could lead to leakage of sensitive data or potentially a resource-based DoS attack. Fixed in version 6.4.1.

NVD

Products Associated with CVE-2023-32566

stack.watch emails you whenever new vulnerabilities are published in Ivanti Avalanche or Apache Httpclient. Just hit a watch button to start following.

Ivanti Avalanche

Apache Httpclient

Affected Versions

Ivanti Avalanche:

Version 6.4.xxx and below 6.4.xxx is unaffected.

Exploit Probability

EPSS

1.06%

Percentile

77.35%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

HTTP Sensitive Data Leakage & DoS via Crafted Request, fixed in 6.4.1CVE-2023-32566 Published on August 10, 2023

Products Associated with CVE-2023-32566

Affected Versions

Exploit Probability

HTTP Sensitive Data Leakage & DoS via Crafted Request, fixed in 6.4.1
CVE-2023-32566 Published on August 10, 2023