CVSS: 9.0EPSS: 0%CPEs: 41EXPL: 0CVE-2021-22894 – Ivanti Pulse Connect Secure Collaboration Suite Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2021-22894
A buffer overflow vulnerability exists in Pulse Connect Secure before 9.1R11.4 allows a remote authenticated attacker to execute arbitrary code as the root user via maliciously crafted meeting room. Se presenta una vulnerabilidad de Desbordamiento del Búfer en Pulse Connect Secure versiones anteriores a 9.1R11.4, permite a un atacante autenticado remoto ejecutar código arbitrario como usuario root por medio de una sala de reuniones diseñada con fines maliciosos Ivanti Pulse Connect Secure Collaboration Suite contains a buffer overflow vulnerabilities that allows a remote authenticated users to execute code as the root user via maliciously crafted meeting room. • https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44784/?kA23Z000000boUWSAY • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.0EPSS: 67%CPEs: 26EXPL: 0CVE-2021-22908
https://notcve.org/view.php?id=CVE-2021-22908
A buffer overflow vulnerability exists in Windows File Resource Profiles in 9.X allows a remote authenticated user with privileges to browse SMB shares to execute arbitrary code as the root user. As of version 9.1R3, this permission is not enabled by default. Se presenta una vulnerabilidad de Desbordamiento del Búfer en Windows File Resource Profiles versión 9.X, que permite a un usuario autenticado remoto con privilegios para explorar recursos compartidos SMB ejecutar código arbitrario como usuario root. A partir de la versión 9.1R3, este permiso no está habilitado por defecto • https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44800 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 96%CPEs: 36EXPL: 2CVE-2021-22893 – Ivanti Pulse Connect Secure Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2021-22893
Pulse Connect Secure 9.0R3/9.1R1 and higher is vulnerable to an authentication bypass vulnerability exposed by the Windows File Share Browser and Pulse Secure Collaboration features of Pulse Connect Secure that can allow an unauthenticated user to perform remote arbitrary code execution on the Pulse Connect Secure gateway. This vulnerability has been exploited in the wild. Pulse Connect Secure versiones 9.0R3/9.1R1 y posteriores, es susceptible a una vulnerabilidad de omisión de autenticación expuesta por las funciones de Windows File Share Browser y Pulse Secure Collaboration de Pulse Connect Secure, que pueden permitir a un usuario no autenticado llevar a cabo una ejecución de código remoto arbitrario en Pulse Connect Secure gateway. Esta vulnerabilidad ha sido explotado en el wild Ivanti Pulse Connect Secure contains a use-after-free vulnerability that allow a remote, unauthenticated attacker to execute code via license services. • https://github.com/Mad-robot/CVE-2021-22893 https://github.com/orangmuda/CVE-2021-22893 https://blog.pulsesecure.net/pulse-connect-secure-security-update https://kb.cert.org/vuls/id/213092 https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44784 https://www.fireeye.com/blog/threat-research/2021/04/suspected-apt-actors-leverage-bypass-techniques-pulse-secure-zero-day.html • CWE-287: Improper Authentication CWE-416: Use After Free •
CVSS: 6.1EPSS: 0%CPEs: 18EXPL: 0CVE-2020-8262
https://notcve.org/view.php?id=CVE-2020-8262
A vulnerability in the Pulse Connect Secure / Pulse Policy Secure below 9.1R9 could allow attackers to conduct Cross-Site Scripting (XSS) and Open Redirection for authenticated user web interface. Una vulnerabilidad en Pulse Connect Secure / Pulse Policy Secure versiones por debajo de 9.1R9, podría permitir a atacantes conducir ataques de tipo Cross-Site Scripting (XSS) y Redireccionamiento Abierto para la interfaz de usuario web autenticada • https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 18EXPL: 0CVE-2020-8261
https://notcve.org/view.php?id=CVE-2020-8261
A vulnerability in the Pulse Connect Secure / Pulse Policy Secure < 9.1R9 is vulnerable to arbitrary cookie injection. Una vulnerabilidad en Pulse Connect Secure / Pulse Policy Secure versiones anteriores a 9.1R9, es vulnerable a una inyección de cookies arbitraria • https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •