Home

CVE-2021-22894

Description

A buffer overflow vulnerability exists in Pulse Connect Secure before 9.1R11.4 allows a remote authenticated attacker to execute arbitrary code as the root user via maliciously crafted meeting room.

Risk Information

Base Score
8.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
25.73

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.0.r1Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.0.r2Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.0.r2.1Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.0.r3Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.0.r3.1Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.0.r3.2Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.0Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.0.r3.3Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.1Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.1.r1Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.1.r2Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.1.r3Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.1.r4Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.1.r4.1Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.1.r4.2Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.1.r4.3Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.1.r5Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.1.r6Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.1.r7Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.1.r8Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.1.r8.1Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.1.r8.2Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.1.r8.4Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.0.r3.5Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.0.r4Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.0.r4.1Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.0.r5.0Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.0.r6.0Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.1.r10.0Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.1.r10.2Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.1.r11.0Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.1.r11.1Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.1.r11.3Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.1.r9Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.1.r9.1Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.1.r9.2Windows
Vulnerabilities CVE-2021-22894,CVE-2021-22899,CVE-2021-22900,CVE-2021-22908 are affected in Ivanti Connect Secure 9.0.r1.0Windows
Vulnerabilities CVE-2021-22894,CVE-2021-22899,CVE-2021-22900,CVE-2021-22908 are affected in Ivanti Connect Secure 9.0.r2.0Windows
Vulnerabilities CVE-2021-22894,CVE-2021-22899,CVE-2021-22900,CVE-2021-22908 are affected in Ivanti Connect Secure 9.0.r3.0Windows
Vulnerabilities CVE-2021-22894,CVE-2021-22899,CVE-2021-22900,CVE-2021-22908 are affected in Ivanti Connect Secure 9.0.r4.0Windows

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234