1. Home
  2. Mapping Frameworks
  3. Known Exploited Vulnerabilities Home
  4. Ivanti Pulse Connect Secure Command Injection Vulnerability

Known Exploited Vulnerabilities CVE-2021-22899 Mappings

A command injection vulnerability exists in Pulse Connect Secure before 9.1R11.4 allows a remote authenticated attacker to perform remote code execution via Windows Resource Profiles Feature

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
CVE-2021-22899 Ivanti Pulse Connect Secure Command Injection Vulnerability primary_impact T1059.003 Windows Command Shell
Comments
This vulnerability is exploited through a command injection weakness. Remote authenticated attackers leverage this vulnerability to perform arbitrary code execution on the target system via the Windows Resource Profiles Feature.
References
  1. https://www.clouddefense.ai/cve/2021/CVE-2021-22899
  2. https://forums.ivanti.com/s/article/SA44784?language=en_US
CVE-2021-22899 Ivanti Pulse Connect Secure Command Injection Vulnerability exploitation_technique T1078 Valid Accounts
Comments
This vulnerability is exploited through a command injection weakness. Remote authenticated attackers leverage this vulnerability to perform arbitrary code execution on the target system via the Windows Resource Profiles Feature.
References
  1. https://www.clouddefense.ai/cve/2021/CVE-2021-22899
  2. https://forums.ivanti.com/s/article/SA44784?language=en_US