CVE-2021-22899
published 2021-05-27CVE-2021-22899: A command injection vulnerability exists in Pulse Connect Secure before 9.1R11.4 allows a remote authenticated attacker to perform remote code execution via…
PriorityP186high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
KEVITW
CISA Known Exploited Vulnerabilitydue 2022-05-03
Exploited in the wild
EPSS
22.34%
97.4th percentile
A command injection vulnerability exists in Pulse Connect Secure before 9.1R11.4 allows a remote authenticated attacker to perform remote code execution via Windows Resource Profiles Feature
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ivanti | connect_secure | — | — |
| ivanti | connect_secure | — | — |
| ivanti | pulse_connect_secure | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Exploitation vector is remote authenticated command injection via the Windows File Resource Profiles feature in Pulse Connect Secure ↗
- →Affected product and version scope: Pulse Connect Secure before 9.1R11.4 — monitor for exploitation attempts against unpatched instances ↗
- ·Exploitation requires prior authentication; unauthenticated exploitation is not indicated by available sources ↗
- ·The attack surface is specifically the Windows File Resource Profiles feature; this feature must be enabled/configured for exploitation to be possible ↗
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.06.5MEDIUMAV:N/AC:L/Au:S/C:P/I:P/A:P
vulncheck8.8HIGH
cisa8.8HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-3v8c-432m-393w: A command injection vulnerability exists in Pulse Connect Secure before 9
ghsa_unreviewed·2022-05-24
CVE-2021-22899 [HIGH] CWE-77 GHSA-3v8c-432m-393w: A command injection vulnerability exists in Pulse Connect Secure before 9
A command injection vulnerability exists in Pulse Connect Secure before 9.1R11.4 allows a remote authenticated attacker to perform remote code execution via Windows Resource Profiles Feature
VulnCheck
Ivanti Pulse Connect Secure Command Injection Vulnerability
vulncheck·2021·CVSS 8.8
CVE-2021-22899 [HIGH] CWE-77 Ivanti Pulse Connect Secure Command Injection Vulnerability
Ivanti Pulse Connect Secure Command Injection Vulnerability
Ivanti Pulse Connect Secure contains a command injection vulnerability that allows remote authenticated users to perform remote code execution via Windows File Resource Profiles.
Affected: Ivanti Connect Secure and Policy Secure
Required Action: Apply updates per vendor instructions.
Exploitation References: https://www.cisa.gov/news-events/cybersecurity-advisories/aa21-209a; https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
Remediation Due: 2022-05-03
CISA
Ivanti Pulse Connect Secure Command Injection Vulnerability
cisa·2021-11-03·CVSS 8.8
CVE-2021-22899 [HIGH] CWE-77 Ivanti Pulse Connect Secure Command Injection Vulnerability
Vulnerability: Ivanti Pulse Connect Secure Command Injection Vulnerability
Affected: Ivanti Pulse Connect Secure
Ivanti Pulse Connect Secure contains a command injection vulnerability that allows remote authenticated users to perform remote code execution via Windows File Resource Profiles.
Required Action: Apply updates per vendor instructions.
Notes: Reference CISA's ED 21-03 (https://www.cisa.gov/news-events/directives/ed-21-03-mitigate-pulse-connect-secure-product-vulnerabilities) for further guidance and requirements. Note: The due date for addressing this vulnerability aligns with the requirements outlined in ED 21-03. https://nvd.nist.gov/vuln/detail/CVE-2021-22899
Remediation Due Date: 2022-05-03
Ivanti
Pulse Connect Secure Command Injection
vendor_ivanti·2021-11-03·CVSS 8.8
CVE-2021-22899 [HIGH] Pulse Connect Secure Command Injection
Pulse Connect Secure Command Injection
Ivanti Pulse Connect Secure contains a command injection vulnerability that allows remote authenticated users to perform remote code execution via Windows File Resource Profiles.
CVE IDs: CVE-2021-22899
Affected products: Pulse Connect Secure
This vulnerability is listed in the CISA Known Exploited Vulnerabilities catalog.
Required Action: Apply updates per vendor instructions.
Remediation Due Date: 2022-05-03
No detection rules found.
No public exploits indexed.
arXiv
Microservice Vulnerability Analysis: A Literature Review with Empirical Insights
arxiv_fulltext·2024-07-31
Microservice Vulnerability Analysis: A Literature Review with Empirical Insights
Microservice Vulnerability Analysis: A Literature Review with Empirical Insights
Raveen Kanishka Jayalath*
University of Adelaide, Australia
[email protected]
Hussain Ahmad* *Authors contributed equally to this work. Corresponding author.
University of Adelaide, Australia
[email protected]
Diksha Goel
CSIRO's Data61, Australia
[email protected]
3cmMuhammad Shuja Syed
3cmSLB, USA
[email protected]
Faheem Ullah
University of Adelaide, Australia
[email protected]
plain
## Abstract
Microservice architectures are revolutionizing both small businesses and large corporations, igniting a new era of innovation with their exceptional advantages in maintainability, reusability, and scalability. However, these benefits come w
Tenable
CVE-2025-0282: Ivanti Connect Secure Zero-Day Vulnerability Exploited In The Wild
blogs_tenable·2025-01-08·CVSS 9.0
[CRITICAL] CVE-2025-0282: Ivanti Connect Secure Zero-Day Vulnerability Exploited In The Wild
## Cloud Exposure
Tenable Cloud Security (CNAPP) Request a demo
Tenable Cloud Vulnerability Management Request a demo
Tenable CIEM Request a demo
Secure your cloud
## Vulnerability Exposure
Tenable Vulnerability Management Try for free
Tenable Security Center Request a demo
Tenable Web App Scanning Try for free
Tenable Patch Management Request a demo
Tenable Enclave Security Request a demo
Tenable Attack Surface Management Request a demo
Tenable Nessus Try for free
## AI Exposure
Tenable AI Exposure Request a demo
## OT/IoT Exposure
Tenable OT Security Request a demo
## Identity Exposure
Tenable Identity Exposure Request a demo
## Business needs
Active Directory
AI Security Posture Management (AI-SPM)
AWS security
Azure security
Cloud Security Posture Man
Tenable
CVE-2023-46805, CVE-2024-21887: Zero-Day Vulnerabilities Exploited in Ivanti Connect Secure and Policy Secure Gateways
blogs_tenable·2024-01-10·CVSS 8.2
[HIGH] CVE-2023-46805, CVE-2024-21887: Zero-Day Vulnerabilities Exploited in Ivanti Connect Secure and Policy Secure Gateways
## Cloud Exposure
Tenable Cloud Security (CNAPP) Request a demo
Tenable Cloud Vulnerability Management Request a demo
Tenable CIEM Request a demo
Secure your cloud
## Vulnerability Exposure
Tenable Vulnerability Management Try for free
Tenable Security Center Request a demo
Tenable Web App Scanning Try for free
Tenable Patch Management Request a demo
Tenable Enclave Security Request a demo
Tenable Attack Surface Management Request a demo
Tenable Nessus Try for free
## AI Exposure
Tenable AI Exposure Request a demo
## OT/IoT Exposure
Tenable OT Security Request a demo
## Identity Exposure
Tenable Identity Exposure Request a demo
## Business needs
Active Directory
AI Security Posture Management (AI-SPM)
AWS security
Azure security
Cloud Security Posture Man
Qualys
Managing CISA Known Exploited Vulnerabilities with Qualys VMDR | Qualys
blogs_qualys·2022-02-23
Managing CISA Known Exploited Vulnerabilities with Qualys VMDR | Qualys
#### Table of Contents
- Situation
- Directive Scope
- CISA Catalog of Known Exploited Vulnerabilities
- Detect CISA Vulnerabilities Using Qualys VMDR
- CISA Exploited RTI
- Detailed Operational Dashboard
- Remediation
- Federal Enterprises and Agencies Can Act Now
- Summary
- Getting Started
CISA released a directive in November 2021, recommending urgent and prioritized remediation of actively exploited vulnerabilities. Both government agencies and corporations should heed this advice. This blog outlines how Qualys Vulnerability Management, Detection & Response can be used by any organization to respond to this directive efficiently and effectively.
## Situation
Last November 2021, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a Binding Operational Directiv
Qualys
Qualys Response to CISA Alert: Binding Operational Directive 22-01
blogs_qualys·2021-11-09
Qualys Response to CISA Alert: Binding Operational Directive 22-01
## Table of Contents
Overview
Directive Scope
CISA Catalog of Known Exploited Vulnerabilities
Detect CISAs Vulnerabilities Using Qualys VMDR
Remediation
Federal Enterprises and Agencies Can Act Now
Summary
Getting Started
Start your VMDR 30-day, no-cost trial today
## Overview
On November 3, 2021, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a Binding Operational Directive 22-01 , “Reducing the Significant Risk of Known Exploited Vulnerabilities.” This directive recommends urgent and prioritized remediation of the vulnerabilities that adversaries are actively exploiting. It establishes a CISA-managed catalog of known exploited vulnerabilities that carry significant risk to the federal government and establishes requirements for agencies to remediate
Qualys
Qualys Response to CISA Alert: Binding Operational Directive 22-01 | Qualys
blogs_qualys·2021-11-09
Qualys Response to CISA Alert: Binding Operational Directive 22-01 | Qualys
#### Table of Contents
- Overview
- Directive Scope
- CISA Catalog of Known Exploited Vulnerabilities
- Detect CISAs Vulnerabilities Using Qualys VMDR
- Remediation
- Federal Enterprises and Agencies Can Act Now
- Summary
- Getting Started
Start your VMDR 30-day, no-cost trial today
## Overview
On November 3, 2021, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a Binding Operational Directive 22-01, “Reducing the Significant Risk of Known Exploited Vulnerabilities.” This directive recommends urgent and prioritized remediation of the vulnerabilities that adversaries are actively exploiting. It establishes a CISA-managed catalog of known exploited vulnerabilities that carry significant risk to the federal government and establishes requirements for agencies to
Tenable
How Risk-based Vulnerability Management Can Help Address the Most Commonly Exploited Vulnerabilities Today
blogs_tenable·2021-07-30
How Risk-based Vulnerability Management Can Help Address the Most Commonly Exploited Vulnerabilities Today
## Cloud Exposure
Tenable Cloud Security (CNAPP) Request a demo
Tenable Cloud Vulnerability Management Request a demo
Tenable CIEM Request a demo
Secure your cloud
## Vulnerability Exposure
Tenable Vulnerability Management Try for free
Tenable Security Center Request a demo
Tenable Web App Scanning Try for free
Tenable Patch Management Request a demo
Tenable Enclave Security Request a demo
Tenable Attack Surface Management Request a demo
Tenable Nessus Try for free
## AI Exposure
Tenable AI Exposure Request a demo
## OT/IoT Exposure
Tenable OT Security Request a demo
## Identity Exposure
Tenable Identity Exposure Request a demo
## Business needs
Active Directory
AI Security Posture Management (AI-SPM)
AWS security
Azure security
Cloud Security Posture Man
Qualys
CISA Alert: Top Routinely Exploited Vulnerabilities | Qualys
blogs_qualys·2021-07-29·CVSS 10.0
[CRITICAL] CISA Alert: Top Routinely Exploited Vulnerabilities | Qualys
#### Table of Contents
- Top Routinely Exploited Vulnerabilities
- Detect CISAs Top Routinely Exploited Vulnerabilities using Qualys VMDR
- Recommendations
- Remediation and Mitigation
- Get Started Now
On July 28, 2021, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a cybersecurity advisory detailing the top 30 publicly known vulnerabilities that have been routinely exploited by cyber threat actors in 2020 and 2021. Organizations are advised to prioritize and apply patches or workarounds for these vulnerabilities as soon as possible.
The advisory states, “If an organization is unable to update all software shortly after a patch is released, prioritize implementing patches for CVEs that are already known to be exploited or that would be accessible to the large
Qualys
CISA Alert: Top Routinely Exploited Vulnerabilities
blogs_qualys·2021-07-29·CVSS 9.1
[CRITICAL] CISA Alert: Top Routinely Exploited Vulnerabilities
## Table of Contents
Top Routinely Exploited Vulnerabilities
Detect CISAs Top Routinely Exploited Vulnerabilities using Qualys VMDR
Recommendations
Remediation and Mitigation
Get Started Now
On July 28, 2021, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a cybersecurity advisory detailing the top 30 publicly known vulnerabilities that have been routinely exploited by cyber threat actors in 2020 and 2021. Organizations are advised to prioritize and apply patches or workarounds for these vulnerabilities as soon as possible.
The advisory states, “If an organization is unable to update all software shortly after a patch is released, prioritize implementing patches for CVEs that are already known to be exploited or that would be accessible to the largest numbe
Tenable
CVE-2021-22893: Zero-Day Vulnerability in Pulse Connect Secure Exploited in the Wild
blogs_tenable·2021-04-20·CVSS 10.0
[CRITICAL] CVE-2021-22893: Zero-Day Vulnerability in Pulse Connect Secure Exploited in the Wild
## Cloud Exposure
Tenable Cloud Security (CNAPP) Request a demo
Tenable Cloud Vulnerability Management Request a demo
Tenable CIEM Request a demo
Secure your cloud
## Vulnerability Exposure
Tenable Vulnerability Management Try for free
Tenable Security Center Request a demo
Tenable Web App Scanning Try for free
Tenable Patch Management Request a demo
Tenable Enclave Security Request a demo
Tenable Attack Surface Management Request a demo
Tenable Nessus Try for free
## AI Exposure
Tenable AI Exposure Request a demo
## OT/IoT Exposure
Tenable OT Security Request a demo
## Identity Exposure
Tenable Identity Exposure Request a demo
## Business needs
Active Directory
AI Security Posture Management (AI-SPM)
AWS security
Azure security
Cloud Security Posture Man
2021-05-27
Published
2021-11-03
Added to CISA KEV
Exploited in the wild