CVE-2022-21826

EPSS 15.73%
Published 30.09.2022 17:15:12
Last modified 21.11.2024 06:45:30
Source support@hackerone.com
Teams watchlist Login
Open Login

Pulse Secure version 9.115 and below may be susceptible to client-side http request smuggling, When the application receives a POST request, it ignores the request's Content-Length header and leaves the POST body on the TCP/TLS socket. This body ends up prefixing the next HTTP request sent down that connection, this means when someone loads website attacker may be able to make browser issue a POST to the application, enabling XSS.

Affected products Warnungen 0 Metrics 2 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Ivanti ≫ Connect Secure Version9.1 Update-

Ivanti ≫ Connect Secure Version9.1 Updater1

Ivanti ≫ Connect Secure Version9.1 Updater1.0

Ivanti ≫ Connect Secure Version9.1 Updater10.0

Ivanti ≫ Connect Secure Version9.1 Updater10.2

Ivanti ≫ Connect Secure Version9.1 Updater11.0

Ivanti ≫ Connect Secure Version9.1 Updater11.1

Ivanti ≫ Connect Secure Version9.1 Updater11.3

Ivanti ≫ Connect Secure Version9.1 Updater11.4

Ivanti ≫ Connect Secure Version9.1 Updater12

Ivanti ≫ Connect Secure Version9.1 Updater12.1

Ivanti ≫ Connect Secure Version9.1 Updater12.2

Ivanti ≫ Connect Secure Version9.1 Updater13

Ivanti ≫ Connect Secure Version9.1 Updater15

Ivanti ≫ Connect Secure Version9.1 Updater2

Ivanti ≫ Connect Secure Version9.1 Updater2.0

Ivanti ≫ Connect Secure Version9.1 Updater3

Ivanti ≫ Connect Secure Version9.1 Updater3.0

Ivanti ≫ Connect Secure Version9.1 Updater4

Ivanti ≫ Connect Secure Version9.1 Updater4.0

Ivanti ≫ Connect Secure Version9.1 Updater4.1

Ivanti ≫ Connect Secure Version9.1 Updater4.2

Ivanti ≫ Connect Secure Version9.1 Updater4.3

Ivanti ≫ Connect Secure Version9.1 Updater5

Ivanti ≫ Connect Secure Version9.1 Updater5.0

Ivanti ≫ Connect Secure Version9.1 Updater6

Ivanti ≫ Connect Secure Version9.1 Updater6.0

Ivanti ≫ Connect Secure Version9.1 Updater7

Ivanti ≫ Connect Secure Version9.1 Updater7.0

Ivanti ≫ Connect Secure Version9.1 Updater8

Ivanti ≫ Connect Secure Version9.1 Updater8.0

Ivanti ≫ Connect Secure Version9.1 Updater8.1

Ivanti ≫ Connect Secure Version9.1 Updater8.2

Ivanti ≫ Connect Secure Version9.1 Updater8.4

Ivanti ≫ Connect Secure Version9.1 Updater9

Ivanti ≫ Connect Secure Version9.1 Updater9.0

Ivanti ≫ Connect Secure Version9.1 Updater9.1

Ivanti ≫ Connect Secure Version9.1 Updater9.2

Pulsesecure ≫ Pulse Connect Secure Version < 9.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	15.73%	0.945

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.4	2.3	2.7	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

The product acts as an intermediary HTTP agent (such as a proxy or firewall) in the data flow between two entities such as a client and server, but it does not interpret malformed HTTP requests or responses in ways that are consistent with how the messages will be processed by those entities that are at the ultimate destination.

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-21826

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-21826

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-21826

EUVD