CVE-2021-22965
published 2021-11-19CVE-2021-22965: A vulnerability in Pulse Connect Secure before 9.1R12.1 could allow an unauthenticated administrator to causes a denial of service when a malformed request is…
PriorityP342high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
2.12%
79.6th percentile
A vulnerability in Pulse Connect Secure before 9.1R12.1 could allow an unauthenticated administrator to causes a denial of service when a malformed request is sent to the device.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ivanti | connect_secure | — | — |
| pulsesecure | pulse_connect_secure | < 9.1 | 9.1 |
| pulsesecure | pulse_connect_secure | — | — |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvdv2.07.8HIGHAV:N/AC:L/Au:N/C:N/I:N/A:C
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-q8h8-595r-f56h: A vulnerability in Pulse Connect Secure before 9
ghsa_unreviewed·2022-05-24
CVE-2021-22965 [HIGH] CWE-400 GHSA-q8h8-595r-f56h: A vulnerability in Pulse Connect Secure before 9
A vulnerability in Pulse Connect Secure before 9.1R12.1 could allow an unauthenticated administrator to causes a denial of service when a malformed request is sent to the device.
Palo Alto
PAN-SA-2024-0008 Informational Bulletin: Impact of OSS CVEs in PAN-OS
vendor_paloalto·2024-09-04·CVSS 6.0
CVE-2022-22965 [MEDIUM] PAN-SA-2024-0008 Informational Bulletin: Impact of OSS CVEs in PAN-OS
PAN-SA-2024-0008 Informational Bulletin: Impact of OSS CVEs in PAN-OS
The Palo Alto Networks Product Security Assurance team has evaluated the following open source software (OSS) CVEs as they relate to PAN-OS software. While PAN-OS software may include the
CVEs: CVE-2010-1622, CVE-2015-7552, CVE-2018-16840, CVE-2019-7639, CVE-2020-17049, CVE-2020-7774, CVE-2021-0131, CVE-2021-0132, CVE-2021-0133, CVE-2021-0134, CVE-2021-4044, CVE-2021-4160, CVE-2021-41773, CVE-2022-1343, CVE-2022-21449, CVE-2022-2274, CVE-2022-22963, CVE-2022-22965, CVE-2022-24697, CVE-2022-32207, CVE-2022-3358, CVE-2022-3996, CVE-2022-40664, CVE-2022-44792, CVE-2022-44793, CVE-2023-1255, CVE-2023-22809, CVE-2023-23919, CVE-2023-3341, CVE-2023-4236, CVE-2023-4863, CVE-2023-51767
Affected products: PAN-OS
Ivanti
Ivanti Security Advisory: CVE-2021-22965
vendor_ivanti·2021-11-19·CVSS 7.5
CVE-2021-22965 [HIGH] CWE-400 Ivanti Security Advisory: CVE-2021-22965
Ivanti Security Advisory: CVE-2021-22965
A vulnerability in Pulse Connect Secure before 9.1R12.1 could allow an unauthenticated administrator to causes a denial of service when a malformed request is sent to the device.
CVE IDs: CVE-2021-22965
CVSS Base Score: 7.5
Severity: HIGH
CWEs: CWE-400
No detection rules found.
No public exploits indexed.
Qualys
Why Is Snapshot Scanning Not Enough? | Qualys
blogs_qualys·2022-11-01
Why Is Snapshot Scanning Not Enough? | Qualys
#### Table of Contents
- What Is Snapshot Scanning?
- Places Where Snapshot Scanning Makes Sense
- Limitations of Snapshot Scanning
- When Agents Should Be Used
- When API-Based Scanning Should Be Used
- When network scanning should be used
- What Users Want Multiple Scanner Options
- What Is Qualys FlexScan?
- The Advantage of FlexScan
- Recommendations on When To Use Each Scanning Method With FlexScan
- Additional Resources
As new scanning technologies are released, their supposed superiority is touted over the others. The problem is, however, that there is no best scanning technology, all of them have strengths and limitations. If recent claims from several vendors are believed, a “best” scanning method called snapshot scanning exists. But when we look closely, snapshot scanning has a
Qualys
Why Is Snapshot Scanning Not Enough?
blogs_qualys·2022-11-01
Why Is Snapshot Scanning Not Enough?
## Table of Contents
What Is Snapshot Scanning?
Places Where Snapshot Scanning Makes Sense
Limitations of Snapshot Scanning
When Agents Should Be Used
When API-Based Scanning Should Be Used
When network scanning should be used
What Users Want Multiple Scanner Options
What Is Qualys FlexScan?
The Advantage of FlexScan
Recommendations on When To Use Each Scanning Method With FlexScan
Additional Resources
As new scanning technologies are released, their supposed superiority is touted over the others. The problem is, however, that there is no best scanning technology, all of them have strengths and limitations. If recent claims from several vendors are believed, a “best” scanning method called snapshot scanning exists. But when we look closely, snapshot scanning has advantages for
2021-11-19
Published