U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2024-36136

Change History

Initial Analysis by NIST 8/15/2024 1:31:15 PM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:a:ivanti:avalanche:6.3.1:*:*:*:premise:*:*:*
     *cpe:2.3:a:ivanti:avalanche:6.3.1.1507:*:*:*:premise:*:*:*
     *cpe:2.3:a:ivanti:avalanche:6.3.2:*:*:*:*:*:*:*
     *cpe:2.3:a:ivanti:avalanche:6.3.2:*:*:*:*:windows:*:*
     *cpe:2.3:a:ivanti:avalanche:6.3.2:*:*:*:premise:*:*:*
     *cpe:2.3:a:ivanti:avalanche:6.3.2.3490:*:*:*:*:*:*:*
     *cpe:2.3:a:ivanti:avalanche:6.3.2.3490:*:*:*:premise:*:*:*
     *cpe:2.3:a:ivanti:avalanche:6.3.3:*:*:*:*:*:*:*
     *cpe:2.3:a:ivanti:avalanche:6.3.3:*:*:*:premise:*:*:*
     *cpe:2.3:a:ivanti:avalanche:6.3.3.101:*:*:*:*:*:*:*
     *cpe:2.3:a:ivanti:avalanche:6.3.3.101:*:*:*:premise:*:*:*
     *cpe:2.3:a:ivanti:avalanche:6.3.4:*:*:*:*:*:*:*
     *cpe:2.3:a:ivanti:avalanche:6.3.4:*:*:*:premise:*:*:*
     *cpe:2.3:a:ivanti:avalanche:6.3.4.153:*:*:*:premise:*:*:*
     *cpe:2.3:a:ivanti:avalanche:6.4.0:*:*:*:*:*:*:*
     *cpe:2.3:a:ivanti:avalanche:6.4.1:*:*:*:*:*:*:*
     *cpe:2.3:a:ivanti:avalanche:6.4.1:*:*:*:premise:*:*:*
     *cpe:2.3:a:ivanti:avalanche:6.4.1.207:*:*:*:premise:*:*:*
     *cpe:2.3:a:ivanti:avalanche:6.4.1.236:*:*:*:premise:*:*:*
     *cpe:2.3:a:ivanti:avalanche:6.4.2:*:*:*:premise:*:*:*
Added CVSS V3.1

								
							
							
						
NIST AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Added CWE

								
							
							
						
NIST CWE-193
Changed Reference Type
https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Avalanche-6-4-4-CVE-2024-38652-CVE-2024-38653-CVE-2024-36136-CVE-2024-37399-CVE-2024-37373 No Types Assigned
https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Avalanche-6-4-4-CVE-2024-38652-CVE-2024-38653-CVE-2024-36136-CVE-2024-37399-CVE-2024-37373 Vendor Advisory