vulnerability

Pulse Secure Pulse Connect Secure: CVE-2021-22893: Multiple Vulnerabilities Resolved in Pulse Connect Secure 9.1R11.4 (SA44784)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
8	(AV:N/AC:L/Au:N/C:P/I:P/A:P)	04/19/2021	04/20/2021	02/20/2024

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:P/A:P)

Published

04/19/2021

Added

04/20/2021

Modified

02/20/2024

Description

Pulse Connect Secure 9.0R3/9.1R1 and higher is vulnerable to an authentication bypass vulnerability exposed by the Windows File Share Browser and Pulse Secure Collaboration features of Pulse Connect Secure that can allow an unauthenticated user to perform remote arbitrary code execution on the Pulse Connect Secure gateway. This vulnerability has been exploited in the wild.

Solution

pulse-secure-pulse-connect-secure-upgrade-9_1r11_4

References

CVE-2021-22893
https://attackerkb.com/topics/CVE-2021-22893
URL-https://forums.ivanti.com/s/article/SA44784?language=en_US

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today