CVE-2021-22893
Ivanti Pulse Connect Secure Use-After-Free Vulnerability
Severity Score
10.0
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
2
*Multiple Sources
Exploited in Wild
Yes
*KEV
Decision
-
*SSVC
Descriptions
Pulse Connect Secure 9.0R3/9.1R1 and higher is vulnerable to an authentication bypass vulnerability exposed by the Windows File Share Browser and Pulse Secure Collaboration features of Pulse Connect Secure that can allow an unauthenticated user to perform remote arbitrary code execution on the Pulse Connect Secure gateway. This vulnerability has been exploited in the wild.
Pulse Connect Secure versiones 9.0R3/9.1R1 y posteriores, es susceptible a una vulnerabilidad de omisión de autenticación expuesta por las funciones de Windows File Share Browser y Pulse Secure Collaboration de Pulse Connect Secure, que pueden permitir a un usuario no autenticado llevar a cabo una ejecución de código remoto arbitrario en Pulse Connect Secure gateway. Esta vulnerabilidad ha sido explotado en el wild
Ivanti Pulse Connect Secure contains a use-after-free vulnerability that allow a remote, unauthenticated attacker to execute code via license services.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2021-01-06 CVE Reserved
- 2021-04-21 First Exploit
- 2021-04-23 CVE Published
- 2021-04-23 KEV Due Date
- 2021-11-03 Exploited in Wild
- 2024-06-24 EPSS Updated
- 2024-08-03 CVE Updated
CWE
- CWE-287: Improper Authentication
- CWE-416: Use After Free
CAPEC
References (6)
| URL | Tag | Source |
|---|---|---|
| https://kb.cert.org/vuls/id/213092 | Third Party Advisory |
|
| https://www.fireeye.com/blog/threat-research/2021/04/suspected-apt-actors-leverage-bypass-techniques-pulse-secure-zero-day.html | Third Party Advisory |
| URL | Date | SRC |
|---|---|---|
| https://github.com/Mad-robot/CVE-2021-22893 | 2021-04-21 | |
| https://github.com/orangmuda/CVE-2021-22893 | 2022-02-24 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://blog.pulsesecure.net/pulse-connect-secure-security-update | 2024-02-27 | |
| https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44784 | 2024-02-27 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Ivanti Search vendor "Ivanti" | Connect Secure Search vendor "Ivanti" for product "Connect Secure" | 9.0 Search vendor "Ivanti" for product "Connect Secure" and version "9.0" | - |
Affected
| ||||||
| Ivanti Search vendor "Ivanti" | Connect Secure Search vendor "Ivanti" for product "Connect Secure" | 9.0 Search vendor "Ivanti" for product "Connect Secure" and version "9.0" | r1 |
Affected
| ||||||
| Ivanti Search vendor "Ivanti" | Connect Secure Search vendor "Ivanti" for product "Connect Secure" | 9.0 Search vendor "Ivanti" for product "Connect Secure" and version "9.0" | r2 |
Affected
| ||||||
| Ivanti Search vendor "Ivanti" | Connect Secure Search vendor "Ivanti" for product "Connect Secure" | 9.0 Search vendor "Ivanti" for product "Connect Secure" and version "9.0" | r2.1 |
Affected
| ||||||
| Ivanti Search vendor "Ivanti" | Connect Secure Search vendor "Ivanti" for product "Connect Secure" | 9.0 Search vendor "Ivanti" for product "Connect Secure" and version "9.0" | r3 |
Affected
| ||||||
| Ivanti Search vendor "Ivanti" | Connect Secure Search vendor "Ivanti" for product "Connect Secure" | 9.0 Search vendor "Ivanti" for product "Connect Secure" and version "9.0" | r3.1 |
Affected
| ||||||
| Ivanti Search vendor "Ivanti" | Connect Secure Search vendor "Ivanti" for product "Connect Secure" | 9.0 Search vendor "Ivanti" for product "Connect Secure" and version "9.0" | r3.2 |
Affected
| ||||||
| Ivanti Search vendor "Ivanti" | Connect Secure Search vendor "Ivanti" for product "Connect Secure" | 9.0 Search vendor "Ivanti" for product "Connect Secure" and version "9.0" | r3.3 |
Affected
| ||||||
| Ivanti Search vendor "Ivanti" | Connect Secure Search vendor "Ivanti" for product "Connect Secure" | 9.0 Search vendor "Ivanti" for product "Connect Secure" and version "9.0" | r3.5 |
Affected
| ||||||
| Ivanti Search vendor "Ivanti" | Connect Secure Search vendor "Ivanti" for product "Connect Secure" | 9.0 Search vendor "Ivanti" for product "Connect Secure" and version "9.0" | r4 |
Affected
| ||||||
| Ivanti Search vendor "Ivanti" | Connect Secure Search vendor "Ivanti" for product "Connect Secure" | 9.0 Search vendor "Ivanti" for product "Connect Secure" and version "9.0" | r4.1 |
Affected
| ||||||
| Ivanti Search vendor "Ivanti" | Connect Secure Search vendor "Ivanti" for product "Connect Secure" | 9.0 Search vendor "Ivanti" for product "Connect Secure" and version "9.0" | r5.0 |
Affected
| ||||||
| Ivanti Search vendor "Ivanti" | Connect Secure Search vendor "Ivanti" for product "Connect Secure" | 9.0 Search vendor "Ivanti" for product "Connect Secure" and version "9.0" | r6.0 |
Affected
| ||||||
| Ivanti Search vendor "Ivanti" | Connect Secure Search vendor "Ivanti" for product "Connect Secure" | 9.1 Search vendor "Ivanti" for product "Connect Secure" and version "9.1" | - |
Affected
| ||||||
| Ivanti Search vendor "Ivanti" | Connect Secure Search vendor "Ivanti" for product "Connect Secure" | 9.1 Search vendor "Ivanti" for product "Connect Secure" and version "9.1" | r1 |
Affected
| ||||||
| Ivanti Search vendor "Ivanti" | Connect Secure Search vendor "Ivanti" for product "Connect Secure" | 9.1 Search vendor "Ivanti" for product "Connect Secure" and version "9.1" | r10.0 |
Affected
| ||||||
| Ivanti Search vendor "Ivanti" | Connect Secure Search vendor "Ivanti" for product "Connect Secure" | 9.1 Search vendor "Ivanti" for product "Connect Secure" and version "9.1" | r10.2 |
Affected
| ||||||
| Ivanti Search vendor "Ivanti" | Connect Secure Search vendor "Ivanti" for product "Connect Secure" | 9.1 Search vendor "Ivanti" for product "Connect Secure" and version "9.1" | r11.0 |
Affected
| ||||||
| Ivanti Search vendor "Ivanti" | Connect Secure Search vendor "Ivanti" for product "Connect Secure" | 9.1 Search vendor "Ivanti" for product "Connect Secure" and version "9.1" | r11.1 |
Affected
| ||||||
| Ivanti Search vendor "Ivanti" | Connect Secure Search vendor "Ivanti" for product "Connect Secure" | 9.1 Search vendor "Ivanti" for product "Connect Secure" and version "9.1" | r11.3 |
Affected
| ||||||
| Ivanti Search vendor "Ivanti" | Connect Secure Search vendor "Ivanti" for product "Connect Secure" | 9.1 Search vendor "Ivanti" for product "Connect Secure" and version "9.1" | r2 |
Affected
| ||||||
| Ivanti Search vendor "Ivanti" | Connect Secure Search vendor "Ivanti" for product "Connect Secure" | 9.1 Search vendor "Ivanti" for product "Connect Secure" and version "9.1" | r3 |
Affected
| ||||||
| Ivanti Search vendor "Ivanti" | Connect Secure Search vendor "Ivanti" for product "Connect Secure" | 9.1 Search vendor "Ivanti" for product "Connect Secure" and version "9.1" | r4 |
Affected
| ||||||
| Ivanti Search vendor "Ivanti" | Connect Secure Search vendor "Ivanti" for product "Connect Secure" | 9.1 Search vendor "Ivanti" for product "Connect Secure" and version "9.1" | r4.1 |
Affected
| ||||||
| Ivanti Search vendor "Ivanti" | Connect Secure Search vendor "Ivanti" for product "Connect Secure" | 9.1 Search vendor "Ivanti" for product "Connect Secure" and version "9.1" | r4.2 |
Affected
| ||||||
| Ivanti Search vendor "Ivanti" | Connect Secure Search vendor "Ivanti" for product "Connect Secure" | 9.1 Search vendor "Ivanti" for product "Connect Secure" and version "9.1" | r4.3 |
Affected
| ||||||
| Ivanti Search vendor "Ivanti" | Connect Secure Search vendor "Ivanti" for product "Connect Secure" | 9.1 Search vendor "Ivanti" for product "Connect Secure" and version "9.1" | r5 |
Affected
| ||||||
| Ivanti Search vendor "Ivanti" | Connect Secure Search vendor "Ivanti" for product "Connect Secure" | 9.1 Search vendor "Ivanti" for product "Connect Secure" and version "9.1" | r6 |
Affected
| ||||||
| Ivanti Search vendor "Ivanti" | Connect Secure Search vendor "Ivanti" for product "Connect Secure" | 9.1 Search vendor "Ivanti" for product "Connect Secure" and version "9.1" | r7 |
Affected
| ||||||
| Ivanti Search vendor "Ivanti" | Connect Secure Search vendor "Ivanti" for product "Connect Secure" | 9.1 Search vendor "Ivanti" for product "Connect Secure" and version "9.1" | r8 |
Affected
| ||||||
| Ivanti Search vendor "Ivanti" | Connect Secure Search vendor "Ivanti" for product "Connect Secure" | 9.1 Search vendor "Ivanti" for product "Connect Secure" and version "9.1" | r8.1 |
Affected
| ||||||
| Ivanti Search vendor "Ivanti" | Connect Secure Search vendor "Ivanti" for product "Connect Secure" | 9.1 Search vendor "Ivanti" for product "Connect Secure" and version "9.1" | r8.2 |
Affected
| ||||||
| Ivanti Search vendor "Ivanti" | Connect Secure Search vendor "Ivanti" for product "Connect Secure" | 9.1 Search vendor "Ivanti" for product "Connect Secure" and version "9.1" | r8.4 |
Affected
| ||||||
| Ivanti Search vendor "Ivanti" | Connect Secure Search vendor "Ivanti" for product "Connect Secure" | 9.1 Search vendor "Ivanti" for product "Connect Secure" and version "9.1" | r9 |
Affected
| ||||||
| Ivanti Search vendor "Ivanti" | Connect Secure Search vendor "Ivanti" for product "Connect Secure" | 9.1 Search vendor "Ivanti" for product "Connect Secure" and version "9.1" | r9.1 |
Affected
| ||||||
| Ivanti Search vendor "Ivanti" | Connect Secure Search vendor "Ivanti" for product "Connect Secure" | 9.1 Search vendor "Ivanti" for product "Connect Secure" and version "9.1" | r9.2 |
Affected
| ||||||