CVSS: 7.2EPSS: 0%CPEs: 41EXPL: 0CVE-2021-22900 – Ivanti Pulse Connect Secure Unrestricted File Upload Vulnerability
https://notcve.org/view.php?id=CVE-2021-22900
A vulnerability allowed multiple unrestricted uploads in Pulse Connect Secure before 9.1R11.4 that could lead to an authenticated administrator to perform a file write via a maliciously crafted archive upload in the administrator web interface. Una vulnerabilidad permitió múltiples cargas sin restricciones en Pulse Connect Secure versiones anteriores a 9.1R11.4, que podrían conllevar a un administrador autenticado llevar a cabo una escritura de archivo por medio de una carga de archivo diseñada con fines maliciosos en la interfaz web del administrador Ivanti Pulse Connect Secure contains an unrestricted file upload vulnerability that allows an authenticated administrator to perform a file write via a maliciously crafted archive upload in the administrator web interface. • https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44784/?kA23Z000000boUWSAY • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-669: Incorrect Resource Transfer Between Spheres •
CVSS: 8.8EPSS: 0%CPEs: 42EXPL: 0CVE-2021-22899 – Ivanti Pulse Connect Secure Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2021-22899
A command injection vulnerability exists in Pulse Connect Secure before 9.1R11.4 allows a remote authenticated attacker to perform remote code execution via Windows Resource Profiles Feature Se presenta una vulnerabilidad de inyección de comandos en Pulse Connect Secure antes de 9.1R11.4 que permite a un atacante autenticado remoto llevar a cabo una ejecución de código remota por medio de Windows Resource Profiles Feature Ivanti Pulse Connect Secure contains a command injection vulnerability that allows remote authenticated users to perform remote code execution via Windows File Resource Profiles. • https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44784/?kA23Z000000boUWSAY • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.0EPSS: 0%CPEs: 41EXPL: 0CVE-2021-22894 – Ivanti Pulse Connect Secure Collaboration Suite Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2021-22894
A buffer overflow vulnerability exists in Pulse Connect Secure before 9.1R11.4 allows a remote authenticated attacker to execute arbitrary code as the root user via maliciously crafted meeting room. Se presenta una vulnerabilidad de Desbordamiento del Búfer en Pulse Connect Secure versiones anteriores a 9.1R11.4, permite a un atacante autenticado remoto ejecutar código arbitrario como usuario root por medio de una sala de reuniones diseñada con fines maliciosos Ivanti Pulse Connect Secure Collaboration Suite contains a buffer overflow vulnerabilities that allows a remote authenticated users to execute code as the root user via maliciously crafted meeting room. • https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44784/?kA23Z000000boUWSAY • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.0EPSS: 67%CPEs: 26EXPL: 0CVE-2021-22908
https://notcve.org/view.php?id=CVE-2021-22908
A buffer overflow vulnerability exists in Windows File Resource Profiles in 9.X allows a remote authenticated user with privileges to browse SMB shares to execute arbitrary code as the root user. As of version 9.1R3, this permission is not enabled by default. Se presenta una vulnerabilidad de Desbordamiento del Búfer en Windows File Resource Profiles versión 9.X, que permite a un usuario autenticado remoto con privilegios para explorar recursos compartidos SMB ejecutar código arbitrario como usuario root. A partir de la versión 9.1R3, este permiso no está habilitado por defecto • https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44800 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 96%CPEs: 36EXPL: 2CVE-2021-22893 – Ivanti Pulse Connect Secure Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2021-22893
Pulse Connect Secure 9.0R3/9.1R1 and higher is vulnerable to an authentication bypass vulnerability exposed by the Windows File Share Browser and Pulse Secure Collaboration features of Pulse Connect Secure that can allow an unauthenticated user to perform remote arbitrary code execution on the Pulse Connect Secure gateway. This vulnerability has been exploited in the wild. Pulse Connect Secure versiones 9.0R3/9.1R1 y posteriores, es susceptible a una vulnerabilidad de omisión de autenticación expuesta por las funciones de Windows File Share Browser y Pulse Secure Collaboration de Pulse Connect Secure, que pueden permitir a un usuario no autenticado llevar a cabo una ejecución de código remoto arbitrario en Pulse Connect Secure gateway. Esta vulnerabilidad ha sido explotado en el wild Ivanti Pulse Connect Secure contains a use-after-free vulnerability that allow a remote, unauthenticated attacker to execute code via license services. • https://github.com/Mad-robot/CVE-2021-22893 https://github.com/orangmuda/CVE-2021-22893 https://blog.pulsesecure.net/pulse-connect-secure-security-update https://kb.cert.org/vuls/id/213092 https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44784 https://www.fireeye.com/blog/threat-research/2021/04/suspected-apt-actors-leverage-bypass-techniques-pulse-secure-zero-day.html • CWE-287: Improper Authentication CWE-416: Use After Free •