CVE-2021-22900

Published: May 27, 2021

Modified: Oct 21, 2025

PUBLISHED

Description

A vulnerability allowed multiple unrestricted uploads in Pulse Connect Secure before 9.1R11.4 that could lead to an authenticated administrator to perform a file write via a maliciously crafted archive upload in the administrator web interface.

Vendor	Product	Versions
n/a	Pulse Secure Secure	affected `Fixed in 9.1R11.4`

Weaknesses (CWE)

CWE-94

References

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44784/?kA23Z000000boUWSAY

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2021-22900

Description

Affected Products

Weaknesses (CWE)

References