CVE-2021-44720 — Hard-coded Credentials in Pulse Connect Secure

CWE-798 — Hard-coded Credentials3 documents3 sources

Severity

7.2HIGHNVD

EPSS

2.6%

top 14.37%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Pulsesecure Pulse Connect Secure Ivanti Connect Secure

Timeline

PublishedAug 12

Latest updateAug 13

Description

In Ivanti Pulse Secure Pulse Connect Secure (PCS) before 9.1R12, the administrator password is stored in the HTML source code of the "Maintenance > Push Configuration > Targets > Target Name" targets.cgi screen. A read-only administrative user can escalate to a read-write administrative role.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 1.2 | Impact: 5.9

Affected Packages2 packages

▶NVDpulsesecure/pulse_connect_secure< 9.1

▶NVDivanti/connect_secure9.1

🔴Vulnerability Details

GHSA

GHSA-wvx3-vg8q-qgjv: In Ivanti Pulse Secure Pulse Connect Secure (PCS) before 9↗2022-08-13

▶

CVEList

CVE-2021-44720: In Ivanti Pulse Secure Pulse Connect Secure (PCS) before 9↗2022-08-11

▶