CVE-2021-22893

Description from NVD

Pulse Connect Secure 9.0R3/9.1R1 and higher is vulnerable to an authentication bypass vulnerability exposed by the Windows File Share Browser and Pulse Secure Collaboration features of Pulse Connect Secure that can allow an unauthenticated user to perform remote arbitrary code execution on the Pulse Connect Secure gateway. This vulnerability has been exploited in the wild.

Information Acquisition Date:2021-05-31T12:40Z
CVSS 2.0: 7.5 HIGH CVSS 3.x: 10.0 CRITICAL

▼ CVSS3 Vec CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

▼ CVSS2 Vec AV:N/AC:L/Au:N/C:P/I:P/A:P

NVD References

 https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44784/
     source:MISC
     tags:Vendor Advisory    
 https://www.fireeye.com/blog/threat-research/2021/04/suspected-apt-actors-leverage-bypass-techniques-pulse-secure-zero-day.html
     source:MISC
     tags:Third Party Advisory    
 https://kb.cert.org/vuls/id/213092
     source:MISC
     tags:Third Party Advisory    US Government Resource    
 https://blog.pulsesecure.net/pulse-connect-secure-security-update/
     source:MISC
     tags:Vendor Advisory    

This vulnerability may involve a PoC.

Description from Forti

Security Vulnerability CVE-2021-22893 for Pulse Secure

Information Acquisition Date:2021/05/05

Affected Products

Impact

Recommended Actions

References

Refer to Information on External Sites

CVE InfomationExploits or more Infomation
mitreEXPLOIT DATABASE
NVD0day.today
vulmon.comgithub
CVE DetailsTwitter
JVN ENG JPN
Reconshell

Software Tag: Windows(1 tweets)

List of frequently cited URLs

URLNum of Times Referred to
https://alerts.vulmon.com/?utm_source=twitter&utm_medium=so...318
https://lists.astaro.com/ASGV9-IPS-rules.html24
https://twitter.com/johnhultquist/status/138451004387857612813
https://thehackernews.com/2021/04/warning-hackers-exploit-u...7
https://vfeed.io6
https://kb.pulsesecure.net/articles/Pulse_Security_Advisori...6
https://www.tenable.com/blog/cve-2021-22893-zero-day-vulner...5
https://www.helpnetsecurity.com/2021/04/21/cve-2021-22893/5
https://ift.tt/2RGEtRp4
https://www.jpcert.or.jp/at/2021/at210019.html4
https://www.securityweek.com/pulse-secure-zero-day-flaw-act...4
https://spyse.com/advanced-search/ip?search_params=%5B%7B%2...3
https://briefly.co/anchor/Privacy_professionals/story/chine...3
https://github.com/ZephrFish/CVE-2021-228933
http://mi6rogue.com/news3
https://www.ipa.go.jp/security/ciadr/vul/alert20210421.html3
https://www.rapid7.com/blog/post/2021/04/21/active-exploita...3
https://www.fireeye.com/blog/threat-research/2021/04/suspec...3

Information from Twitter

User URL Info Source Date
threatintelctr https://nvd.nist.gov/vuln/detail/CVE-2021-22893 Source threatintelctr   1584601162736668675 2022/10/25
LinInfoSec https://kb.pulsesecure.net/articles/Pulse_Security_Advisori... Source LinInfoSec       1584636105479143427 2022/10/25

List of frequently cited URLs

URLNum of Times Referred to
alerts.vulmon.com318
lists.astaro.com24
twitter.com13
thehackernews.com7
vfeed.io6
kb.pulsesecure.net6
www.tenable.com5
www.helpnetsecurity.com5
ift.tt4
www.jpcert.or.jp4
www.securityweek.com4
spyse.com3
briefly.co3
github.com3
mi6rogue.com3
www.ipa.go.jp3
www.rapid7.com3
www.fireeye.com3

Information from Twitter

User URL Info Source
threatintelctr nvd.nist.gov Show Tweet
LinInfoSec kb.pulsesecure.net Show Tweet
GitHub Search Results: Up to 10
NameURL
ZephrFish/CVE-2021-22893_HoneyPoC2 https://github.com/ZephrFish/CVE-2021-22893_HoneyPoC2
Mad-robot/CVE-2021-22893 https://github.com/Mad-robot/CVE-2021-22893
oxctdev/CVE-2021-22893 https://github.com/oxctdev/CVE-2021-22893
GitHub Search Results: Up to 10
NameURL
ZephrFish/CVE-2021-22893_HoneyPoC2 github.com
Mad-robot/CVE-2021-22893 github.com
oxctdev/CVE-2021-22893 github.com
2022/10/25 Score : 2
Added Har-sia Database : 2021/04/20
Last Modified : 2022/10/25
Highest Scored Date : 2021/04/21
Highest Score : 180