CVE-2022-21826

Published Sep 30, 2022

Last updated 9 months ago

CVSS medium 5.4

Overview

Description: Pulse Secure version 9.115 and below may be susceptible to client-side http request smuggling, When the application receives a POST request, it ignores the request's Content-Length header and leaves the POST body on the TCP/TLS socket. This body ends up prefixing the next HTTP request sent down that connection, this means when someone loads website attacker may be able to make browser issue a POST to the application, enabling XSS.
Source: support@hackerone.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 5.4
Impact score: 2.7
Exploitability score: 2.3
Vector string: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Severity: MEDIUM

Weaknesses

nvd@nist.gov: CWE-444
support@hackerone.com: CWE-444

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4F450898-0B06-4073-9B76-BF22F68BD14F"
          },
          {
            "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4B21C181-DC49-4EBD-9932-DBB337151FF7"
          },
          {
            "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r1.0:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "130C8955-BDA4-4518-8EBA-740EB08FC3E4"
          },
          {
            "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r10.0:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5AA4B39F-2FB9-4752-B1F1-18812B0990B4"
          },
          {
            "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r10.2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "232BAB6C-D318-4F80-8F49-4E700C21F535"
          },
          {
            "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.0:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ABD840BF-944E-4F4C-96DC-0256286338F6"
          },
          {
            "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A1995F34-AE75-47C4-9A9D-DBB1D3E130E5"
          },
          {
            "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "366EF5B8-0233-49B8-806A-E54F60410ADE"
          },
          {
            "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6F2A7F5C-1D78-4D19-B8ED-5822FDF5DA63"
          },
          {
            "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r12:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "32E0B425-A9BA-4D00-84A9-46268072D696"
          },
          {
            "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r12.1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BBC724E8-195B-4CB4-AC2A-63E184AED4F6"
          },
          {
            "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r12.2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7162C24D-D181-49CC-B8C2-9EE3E0CDF846"
          },
          {
            "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r13:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "65435A96-EF7A-439A-AA6C-CB7EAEF0A963"
          },
          {
            "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r15:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CE228FBD-5AD1-4BC6-AF63-5248E671B04F"
          },
          {
            "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4FEFC4B1-7350-46F9-80C1-42F5AE06142F"
          },
          {
            "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r2.0:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4E2D041D-9BDD-416D-B658-1C517C854104"
          },
          {
            "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DB7A6D62-6576-4713-9BF4-11068A72E8B7"
          },
          {
            "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r3.0:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7155EB34-E8E0-49AF-BDA2-FB4BFA44662E"
          },
          {
            "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "843BC1B9-50CC-4F8F-A454-A0CEC6E92290"
          },
          {
            "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.0:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "25EE614A-5F32-4CA9-998A-4FAF16DC100C"
          },
          {
            "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D5355372-03EA-46D7-9104-A2785C29B664"
          },
          {
            "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3DE32A0C-8944-4F51-A286-266055CA4B2F"
          },
          {
            "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0349A0CC-A372-4E51-899E-D7BA67876F4B"
          },
          {
            "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "93D1A098-BD77-4A7B-9070-A764FB435981"
          },
          {
            "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r5.0:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F49EE829-A2CD-491E-BFC3-7888491D7C58"
          },
          {
            "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3CCC2D7B-F835-45EC-A316-2F0C5F2CF565"
          },
          {
            "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r6.0:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2254DDF1-7FF3-49E1-8826-91F49A6794F8"
          },
          {
            "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AD812596-C77C-4129-982F-C22A25B52126"
          },
          {
            "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r7.0:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B8EA4DA8-CD09-41AC-ADCB-27CF771C016B"
          },
          {
            "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9FA0B20D-3FA1-42AE-BDC5-93D8A182927C"
          },
          {
            "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8.0:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4D6CECCB-18BA-4219-95A2-2525A2BDCE36"
          },
          {
            "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8.1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BFFA0B02-7F6D-4434-B1E7-EB8520FD68A0"
          },
          {
            "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8.2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DFE8FA87-9622-4D5B-99C7-D8EE230C0AA9"
          },
          {
            "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8.4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "07AB853D-5A3F-4142-8417-1C9FB729A89E"
          },
          {
            "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r9:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "16DAA769-8F0D-4C54-A8D9-9902995605B0"
          },
          {
            "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r9.0:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B7006C07-0E3F-4890-A1B3-533E10924D49"
          },
          {
            "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r9.1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B2C10C89-1DBC-4E91-BD28-D5097B589CA9"
          },
          {
            "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r9.2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F54753D0-6275-4F82-B874-55438D2983B3"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "43AF1D62-D827-4495-A4B0-CCA0C2BEE68F",
            "versionEndExcluding": "9.1"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References