Security Advisory

CVE-2025-8296

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-08-12 14:33:47

Last updated 2026-02-26 17:49:42

Assigner ivanti

State PUBLISHED

Description

SQL injection in Ivanti Avalanche before version 6.4.8.8008 allows a remote authenticated attacker with admin privileges to execute arbitrary SQL queries. In certain conditions, this can also lead to remote code execution

← Browse all CVEs View on cve.org ↗