What is the severity of CVE-2021-22933?

The severity of CVE-2021-22933 is medium with a CVSS score of 6.5.

How does CVE-2021-22933 affect Pulse Connect Secure?

CVE-2021-22933 affects Pulse Connect Secure versions before 9.1R12.

How can I fix CVE-2021-22933?

To fix CVE-2021-22933, update Pulse Connect Secure to version 9.1R12 or later.

Where can I find more information about CVE-2021-22933?

You can find more information about CVE-2021-22933 at the following link: [https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44858/?kA23Z000000L6oySAC](https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44858/?kA23Z000000L6oySAC)

Vulnerability/
CVE-2021-22933

medium

6.5

CWE

16/8/2021

27/2/2024

CVE-2021-22933: Path Traversal

Q: What is the vulnerability in CVE-2021-22933?

The vulnerability in CVE-2021-22933 allows an authenticated administrator to perform an arbitrary file delete via a maliciously crafted web request.

First published: Mon Aug 16 2021(Updated: )

A vulnerability in Pulse Connect Secure before 9.1R12 could allow an authenticated administrator to perform an arbitrary file delete via a maliciously crafted web request.

Credit: support@hackerone.com support@hackerone.com

Affected Software	Affected Version	How to fix
Pulsesecure Pulse Connect Secure	<9.1
Pulsesecure Pulse Connect Secure	=9.1
Pulsesecure Pulse Connect Secure	=9.1-r1.0
Pulsesecure Pulse Connect Secure	=9.1-r10.0
Pulsesecure Pulse Connect Secure	=9.1-r11.0
Pulsesecure Pulse Connect Secure	=9.1-r2.0
Pulsesecure Pulse Connect Secure	=9.1-r3.0
Pulsesecure Pulse Connect Secure	=9.1-r4.0
Pulsesecure Pulse Connect Secure	=9.1-r5.0
Pulsesecure Pulse Connect Secure	=9.1-r6.0
Pulsesecure Pulse Connect Secure	=9.1-r7.0
Pulsesecure Pulse Connect Secure	=9.1-r8.0
Pulsesecure Pulse Connect Secure	=9.1-r9.0
Ivanti Connect Secure	=9.1
Ivanti Connect Secure	=9.1-r1.0
Ivanti Connect Secure	=9.1-r10.0
Ivanti Connect Secure	=9.1-r11.0
Ivanti Connect Secure	=9.1-r2.0
Ivanti Connect Secure	=9.1-r3.0
Ivanti Connect Secure	=9.1-r4.0
Ivanti Connect Secure	=9.1-r5.0
Ivanti Connect Secure	=9.1-r6.0
Ivanti Connect Secure	=9.1-r7.0
Ivanti Connect Secure	=9.1-r8.0
Ivanti Connect Secure	=9.1-r9.0

Never miss a vulnerability like this again

Reference Links

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44858/?kA23Z000000L6oySAC

Frequently Asked Questions

What is the severity of CVE-2021-22933?
The severity of CVE-2021-22933 is medium with a CVSS score of 6.5.
How does CVE-2021-22933 affect Pulse Connect Secure?
CVE-2021-22933 affects Pulse Connect Secure versions before 9.1R12.
What is the vulnerability in CVE-2021-22933?
The vulnerability in CVE-2021-22933 allows an authenticated administrator to perform an arbitrary file delete via a maliciously crafted web request.
How can I fix CVE-2021-22933?
To fix CVE-2021-22933, update Pulse Connect Secure to version 9.1R12 or later.
Where can I find more information about CVE-2021-22933?
You can find more information about CVE-2021-22933 at the following link: [https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44858/?kA23Z000000L6oySAC](https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44858/?kA23Z000000L6oySAC)

collector/nvd-index
agent/references
agent/severity
agent/weakness
agent/author
agent/tags
agent/type
agent/event
agent/description
agent/last-modified-date
agent/softwarecombine
agent/first-publish-date
collector/nvd-api
source/NVD
agent/software-canonical-lookup
vendor/pulsesecure
canonical/pulsesecure pulse connect secure
version/pulsesecure pulse connect secure/9.1
version/pulsesecure pulse connect secure/9.1-r1.0
version/pulsesecure pulse connect secure/9.1-r10.0
version/pulsesecure pulse connect secure/9.1-r11.0
version/pulsesecure pulse connect secure/9.1-r2.0
version/pulsesecure pulse connect secure/9.1-r3.0
version/pulsesecure pulse connect secure/9.1-r4.0
version/pulsesecure pulse connect secure/9.1-r5.0
version/pulsesecure pulse connect secure/9.1-r6.0
version/pulsesecure pulse connect secure/9.1-r7.0
version/pulsesecure pulse connect secure/9.1-r8.0
version/pulsesecure pulse connect secure/9.1-r9.0
vendor/ivanti
canonical/ivanti connect secure
version/ivanti connect secure/9.1
version/ivanti connect secure/9.1-r1.0
version/ivanti connect secure/9.1-r10.0
version/ivanti connect secure/9.1-r11.0
version/ivanti connect secure/9.1-r2.0
version/ivanti connect secure/9.1-r3.0
version/ivanti connect secure/9.1-r4.0
version/ivanti connect secure/9.1-r5.0
version/ivanti connect secure/9.1-r6.0
version/ivanti connect secure/9.1-r7.0
version/ivanti connect secure/9.1-r8.0
version/ivanti connect secure/9.1-r9.0

CVE-2021-22933: Path Traversal

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2021-22933?

How does CVE-2021-22933 affect Pulse Connect Secure?

What is the vulnerability in CVE-2021-22933?

How can I fix CVE-2021-22933?

Where can I find more information about CVE-2021-22933?

Company

Resources

Contact