Severity.io | CVE-2021-22893

Description

Pulse Connect Secure 9.0R3/9.1R1 and higher is vulnerable to an authentication bypass vulnerability exposed by the Windows File Share Browser and Pulse Secure Collaboration features of Pulse Connect Secure that can allow an unauthenticated user to perform remote arbitrary code execution on the Pulse Connect Secure gateway. This vulnerability has been exploited in the wild.

a pulsesecure pulse_connect_secure 9.0 r1 ******

a pulsesecure pulse_connect_secure 9.0 r2 ******

a pulsesecure pulse_connect_secure 9.0 r2.1 ******

a pulsesecure pulse_connect_secure 9.0 r3 ******

a pulsesecure pulse_connect_secure 9.0 r3.1 ******

a pulsesecure pulse_connect_secure 9.0 r3.2 ******

a pulsesecure pulse_connect_secure 9.0 r3.3 ******

a pulsesecure pulse_connect_secure 9.0 r3.5 ******

a pulsesecure pulse_connect_secure 9.0 r4 ******

References

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44784/

Vendor Advisory

https://www.fireeye.com/blog/threat-research/2021/04/suspected-apt-actors-leverage-bypass-techniques-pulse-secure-zero-day.html

Third Party Advisory

https://kb.cert.org/vuls/id/213092

Third Party AdvisoryUS Government Resource

https://blog.pulsesecure.net/pulse-connect-secure-security-update/

Vendor Advisory

CvssV3 impact

BaseSeverity	CRITICAL
ConfidentialityImpact	HIGH
AttackComplexity	LOW
Scope	CHANGED
AttackVector	NETWORK
AvailabilityImpact	HIGH
IntegrityImpact	HIGH
PrivilegesRequired	NONE
BaseScore	10
VectorString	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Version	3.1
UserInteraction	NONE

CvssV2 impact

AccessComplexity	LOW
ConfidentialityImpact	PARTIAL
AvailabilityImpact	PARTIAL
IntegrityImpact	PARTIAL
BaseScore	7.5
VectorString	AV:N/AC:L/Au:N/C:P/I:P/A:P
Version	2.0
AccessVector	NETWORK
Authentication	NONE