CVE-2025-8296 Information

Aug 13, 2025 cve

Description

SQL injection in Ivanti Avalanche before version 6.4.8.8008 allows a remote authenticated attacker with admin privileges to execute arbitrary SQL queries. In certain conditions this can also lead to remote code execution

Reference

https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Avalanche-CVE-2025-8296-CVE-2025-8297?language=en_US

CNNVD-202508-1059 (Published: 2025-08-12)

Share on: