Home
Mapping Frameworks
Known Exploited Vulnerabilities Home
Ivanti Pulse Connect Secure Collaboration Suite Buffer Overflow Vulnerability

Known Exploited Vulnerabilities CVE-2021-22894 Mappings

A buffer overflow vulnerability exists in Pulse Connect Secure before 9.1R11.4 allows a remote authenticated attacker to execute arbitrary code as the root user via maliciously crafted meeting room.

Mappings

Capability ID	Capability Description	Mapping Type	ATT&CK ID	ATT&CK Name	Notes
CVE-2021-22894	Ivanti Pulse Connect Secure Collaboration Suite Buffer Overflow Vulnerability	primary_impact	T1059	Command and Scripting Interpreter	Comments This vulnerability is exploited through a buffer overflow weakness. Remote authenticated attackers leverage this vulnerability to perform arbitrary code execution with root privileges on the Pulse Connect Secure gateway by manipulating input buffers. References https://vuldb.com/?id.175985
CVE-2021-22894	Ivanti Pulse Connect Secure Collaboration Suite Buffer Overflow Vulnerability	exploitation_technique	T1078	Valid Accounts	Comments This vulnerability is exploited through a buffer overflow weakness. Remote authenticated attackers leverage this vulnerability to perform arbitrary code execution with root privileges on the Pulse Connect Secure gateway by manipulating input buffers. References https://vuldb.com/?id.175985