ByteOS Network

Vulnerability Details :

CVE-2021-22933

Assigner Org ID-36234546-b8fa-4601-9d6f-f4e334aa8ea1

Published At-16 Aug, 2021 | 18:38

Updated At-03 Aug, 2024 | 18:58

A vulnerability in Pulse Connect Secure before 9.1R12 could allow an authenticated administrator to perform an arbitrary file delete via a maliciously crafted web request.

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

▼Common Vulnerabilities and Exposures (CVE)

cve.org

Assigner:hackerone

Assigner Org ID:36234546-b8fa-4601-9d6f-f4e334aa8ea1

Published At:16 Aug, 2021 | 18:38

Updated At:03 Aug, 2024 | 18:58

▼CVE Numbering Authority (CNA)

A vulnerability in Pulse Connect Secure before 9.1R12 could allow an authenticated administrator to perform an arbitrary file delete via a maliciously crafted web request.

Affected Products

Vendor

n/a

Product

Pulse Connect Secure

Versions

Affected

Fixed in 9.1R12

Problem Types

Type	CWE ID	Description
CWE	CWE-22	Path Traversal (CWE-22)

Type: CWE

CWE ID: CWE-22

Description: Path Traversal (CWE-22)

References

Hyperlink	Resource
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44858/?kA23Z000000L6oySAC	x_refsource_MISC

Hyperlink: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44858/?kA23Z000000L6oySAC

Resource:

x_refsource_MISC

▼Authorized Data Publishers (ADP)

CVE Program Container

References

Hyperlink	Resource
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44858/?kA23Z000000L6oySAC	x_refsource_MISC x_transferred

Hyperlink: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44858/?kA23Z000000L6oySAC

Resource:

x_refsource_MISC

x_transferred

▼National Vulnerability Database (NVD)

nvd.nist.gov

Source:support@hackerone.com

Published At:16 Aug, 2021 | 19:15

Updated At:27 Feb, 2024 | 21:04

A vulnerability in Pulse Connect Secure before 9.1R12 could allow an authenticated administrator to perform an arbitrary file delete via a maliciously crafted web request.