Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Pulse Connect Secure Security Vulnerabilities

cve
cve

CVE-2022-21826

Pulse Secure version 9.115 and below may be susceptible to client-side http request smuggling, When the application receives a POST request, it ignores the request's Content-Length header and leaves the POST body on the TCP/TLS socket. This body ends up prefixing the next HTTP request sent down...

5.4CVSS

5.3AI Score

0.001EPSS

2022-09-30 05:15 PM
37
4
cve
cve

CVE-2021-44720

In Ivanti Pulse Secure Pulse Connect Secure (PCS) before 9.1R12, the administrator password is stored in the HTML source code of the "Maintenance > Push Configuration > Targets > Target Name" targets.cgi screen. A read-only administrative user can escalate to a read-write administrative...

7.2CVSS

7.1AI Score

0.001EPSS

2022-08-12 03:15 PM
40
2
cve
cve

CVE-2021-22965

A vulnerability in Pulse Connect Secure before 9.1R12.1 could allow an unauthenticated administrator to causes a denial of service when a malformed request is sent to the...

7.5CVSS

7.9AI Score

0.001EPSS

2021-11-19 07:15 PM
32
4