Known Exploited Vulnerabilities CVE-2021-22900 Mappings

A vulnerability allowing multiple unrestricted uploads in Pulse Connect Secure before 9.1R11.4 could allow an authenticated administrator to perform a file write via a maliciously crafted archive upload in the administrator web interface.

Mappings

| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes | Comments |
| --- | --- | --- | --- | --- | --- | --- |
| CVE-2021-22900 | Ivanti Pulse Connect Secure Unrestricted File Upload Vulnerability | primary_impact | T1068 | Exploitation for Privilege Escalation | | This vulnerability is exploited through multiple unrestricted uploads. Adversaries with authenticated administrator privileges leverage this vulnerability to perform unauthorized file writes on the system via a maliciously crafted archive upload within the administrator web interface in Pulse Connect Secure. |
| CVE-2021-22900 | Ivanti Pulse Connect Secure Unrestricted File Upload Vulnerability | exploitation_technique | T1059 | Command and Scripting Interpreter | | This vulnerability is exploited through multiple unrestricted uploads. Adversaries with authenticated administrator privileges leverage this vulnerability to perform unauthorized file writes on the system via a maliciously crafted archive upload within the administrator web interface in Pulse Connect Secure. |