CVE-2021-22900

CVSS 7.2 (High) | EPSS 14.1% | CISA KEV | CWE-94
Vexday Risk Score: 56 (Attention)
SSVC decision (CISA): Act. Exploitation + impact → act immediately.
Lifecycle
27 May 2021: Published on NVD
03 Nov 2021: Active exploitation (CISA KEV)
Recommendation: Patch as soon as possible — active exploitation confirmed.
In short

An authenticated administrator could upload a malicious archive file through the Pulse Connect Secure web interface, allowing them to write arbitrary files to the system. This vulnerability affects versions before 9.1R11.4.

Technical detail

CWE-94 (Improper Control of Generation of Code) manifests here as unrestricted archive uploads in the administrator web interface. Because the contents of an uploaded archive are insufficiently validated, an authenticated administrator can craft an archive that writes files to the system. Exploitation requires administrator privileges and affects Pulse Connect Secure versions prior to 9.1R11.4.

Summary generated and translated by AI from the official description.
Official description: A vulnerability allowed multiple unrestricted uploads in Pulse Connect Secure before 9.1R11.4 that could allow an authenticated administrator to perform a file write via a maliciously crafted archive upload in the administrator web interface.
CVSS 3.1 vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H