First published: Fri Sep 30 2022 (Updated: )
Pulse Secure version 9.115 and below may be susceptible to client-side HTTP request smuggling. When the application receives a POST request, it ignores the request's Content-Length header and leaves the POST body unread on the TCP/TLS socket. That body then prefixes the next HTTP request sent down the same connection. As a result, when a user loads an attacker-controlled website, the attacker may be able to make the user's browser issue a POST to the application and desynchronize its connection, enabling XSS.
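The following is an added example, not code from the advisory or from Pulse Secure/Ivanti. It models the defect class described above with a minimal HTTP/1.1 request parser reading back-to-back requests from one keep-alive connection buffer: one mode reproduces the bug (the POST body is never consumed, so its bytes become the start of the next request), the other consumes exactly Content-Length bytes as a correct server must. The host name, paths and request bytes are constructed sample input.

```python
"""Model of an HTTP/1.1 parser with and without Content-Length body consumption.

Added example; not part of the advisory. The request stream below is
constructed: vpn.example.test, /login and /home are placeholders.
"""
from __future__ import annotations

from typing import Dict, List, Optional, Tuple

Request = Tuple[str, str, bytes]  # (method, target, body)


def _parse_head(buf: bytes, pos: int) -> Optional[Tuple[str, str, Dict[str, str], int]]:
    """Parse one request head starting at `pos`.

    Returns (method, target, headers, body_start) or None if the head is
    incomplete (a real server would wait for more bytes).
    """
    end = buf.find(b"\r\n\r\n", pos)
    if end == -1:
        return None
    head = buf[pos:end].decode("latin-1")
    request_line, *header_lines = head.split("\r\n")
    parts = request_line.split(" ")
    if len(parts) != 3:
        raise ValueError(f"malformed request line: {request_line!r}")
    method, target, _version = parts
    headers: Dict[str, str] = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return method, target, headers, end + 4


def parse_requests(buf: bytes, consume_body: bool) -> List[Request]:
    """Parse every request in `buf` as one keep-alive connection would see them.

    consume_body=True  -> correct behaviour: read exactly Content-Length bytes.
    consume_body=False -> the defect: the body is left in the stream and is
                          read as the beginning of the *next* request.
    """
    requests: List[Request] = []
    pos = 0
    while pos < len(buf):
        head = _parse_head(buf, pos)
        if head is None:
            break  # incomplete head: wait for more data
        method, target, headers, body_start = head
        length = int(headers.get("content-length", "0"))
        if consume_body:
            body = buf[body_start:body_start + length]
            if len(body) < length:
                break  # incomplete body: wait for more data
            pos = body_start + length
        else:
            body = b""
            pos = body_start  # bug: `length` body bytes stay on the socket
        requests.append((method, target, body))
    return requests


def build_sample_stream() -> bytes:
    """Two constructed requests on one connection: a 10-byte POST, then a GET."""
    post = (
        b"POST /login HTTP/1.1\r\n"
        b"Host: vpn.example.test\r\n"
        b"Content-Length: 10\r\n"
        b"\r\n"
        b"name=alice"
    )
    get = b"GET /home HTTP/1.1\r\nHost: vpn.example.test\r\n\r\n"
    return post + get


def desync_detected(buf: bytes) -> bool:
    """True when ignoring Content-Length changes how later requests parse."""
    return parse_requests(buf, True) != parse_requests(buf, False)


if __name__ == "__main__":
    stream = build_sample_stream()
    print("correct parser :", parse_requests(stream, consume_body=True))
    print("desynced parser:", parse_requests(stream, consume_body=False))
    print("desync detected:", desync_detected(stream))
```

With the correct parser the second request is `GET /home`; with the body left unread, the leftover `name=alice` bytes fuse with it and the server sees a request whose method is `name=aliceGET`, which is the corruption the advisory describes. The fix on the server side is to consume exactly the declared body (or reject the request and close the connection when it will not read the body), and the same discipline applies to chunked bodies, which this model does not cover.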
Credit: support@hackerone.com
Affected Software | Affected Version | How to fix |
---|---|---|
Pulsesecure Pulse Connect Secure | <9.1 | |
Pulsesecure Pulse Connect Secure | =9.1 | |
Pulsesecure Pulse Connect Secure | =9.1-r1 | |
Pulsesecure Pulse Connect Secure | =9.1-r1.0 | |
Pulsesecure Pulse Connect Secure | =9.1-r10.0 | |
Pulsesecure Pulse Connect Secure | =9.1-r10.2 | |
Pulsesecure Pulse Connect Secure | =9.1-r11.0 | |
Pulsesecure Pulse Connect Secure | =9.1-r11.1 | |
Pulsesecure Pulse Connect Secure | =9.1-r11.3 | |
Pulsesecure Pulse Connect Secure | =9.1-r11.4 | |
Pulsesecure Pulse Connect Secure | =9.1-r12 | |
Pulsesecure Pulse Connect Secure | =9.1-r12.1 | |
Pulsesecure Pulse Connect Secure | =9.1-r12.2 | |
Pulsesecure Pulse Connect Secure | =9.1-r13 | |
Pulsesecure Pulse Connect Secure | =9.1-r15 | |
Pulsesecure Pulse Connect Secure | =9.1-r2 | |
Pulsesecure Pulse Connect Secure | =9.1-r2.0 | |
Pulsesecure Pulse Connect Secure | =9.1-r3 | |
Pulsesecure Pulse Connect Secure | =9.1-r3.0 | |
Pulsesecure Pulse Connect Secure | =9.1-r4 | |
Pulsesecure Pulse Connect Secure | =9.1-r4.0 | |
Pulsesecure Pulse Connect Secure | =9.1-r4.1 | |
Pulsesecure Pulse Connect Secure | =9.1-r4.2 | |
Pulsesecure Pulse Connect Secure | =9.1-r4.3 | |
Pulsesecure Pulse Connect Secure | =9.1-r5 | |
Pulsesecure Pulse Connect Secure | =9.1-r5.0 | |
Pulsesecure Pulse Connect Secure | =9.1-r6 | |
Pulsesecure Pulse Connect Secure | =9.1-r6.0 | |
Pulsesecure Pulse Connect Secure | =9.1-r7 | |
Pulsesecure Pulse Connect Secure | =9.1-r7.0 | |
Pulsesecure Pulse Connect Secure | =9.1-r8 | |
Pulsesecure Pulse Connect Secure | =9.1-r8.0 | |
Pulsesecure Pulse Connect Secure | =9.1-r8.1 | |
Pulsesecure Pulse Connect Secure | =9.1-r8.2 | |
Pulsesecure Pulse Connect Secure | =9.1-r8.4 | |
Pulsesecure Pulse Connect Secure | =9.1-r9 | |
Pulsesecure Pulse Connect Secure | =9.1-r9.0 | |
Pulsesecure Pulse Connect Secure | =9.1-r9.1 | |
Pulsesecure Pulse Connect Secure | =9.1-r9.2 | |
Ivanti Connect Secure | =9.1 | |
Ivanti Connect Secure | =9.1-r1 | |
Ivanti Connect Secure | =9.1-r1.0 | |
Ivanti Connect Secure | =9.1-r10.0 | |
Ivanti Connect Secure | =9.1-r10.2 | |
Ivanti Connect Secure | =9.1-r11.0 | |
Ivanti Connect Secure | =9.1-r11.1 | |
Ivanti Connect Secure | =9.1-r11.3 | |
Ivanti Connect Secure | =9.1-r11.4 | |
Ivanti Connect Secure | =9.1-r12 | |
Ivanti Connect Secure | =9.1-r12.1 | |
Ivanti Connect Secure | =9.1-r12.2 | |
Ivanti Connect Secure | =9.1-r13 | |
Ivanti Connect Secure | =9.1-r15 | |
Ivanti Connect Secure | =9.1-r2 | |
Ivanti Connect Secure | =9.1-r2.0 | |
Ivanti Connect Secure | =9.1-r3 | |
Ivanti Connect Secure | =9.1-r3.0 | |
Ivanti Connect Secure | =9.1-r4 | |
Ivanti Connect Secure | =9.1-r4.0 | |
Ivanti Connect Secure | =9.1-r4.1 | |
Ivanti Connect Secure | =9.1-r4.2 | |
Ivanti Connect Secure | =9.1-r4.3 | |
Ivanti Connect Secure | =9.1-r5 | |
Ivanti Connect Secure | =9.1-r5.0 | |
Ivanti Connect Secure | =9.1-r6 | |
Ivanti Connect Secure | =9.1-r6.0 | |
Ivanti Connect Secure | =9.1-r7 | |
Ivanti Connect Secure | =9.1-r7.0 | |
Ivanti Connect Secure | =9.1-r8 | |
Ivanti Connect Secure | =9.1-r8.0 | |
Ivanti Connect Secure | =9.1-r8.1 | |
Ivanti Connect Secure | =9.1-r8.2 | |
Ivanti Connect Secure | =9.1-r8.4 | |
Ivanti Connect Secure | =9.1-r9 | |
Ivanti Connect Secure | =9.1-r9.0 | |
Ivanti Connect Secure | =9.1-r9.1 | |
Ivanti Connect Secure | =9.1-r9.2 | |
CVE-2022-21826 is a vulnerability in Pulse Secure version 9.115 and below that allows an attacker to perform client-side HTTP request smuggling.
CVE-2022-21826 has a severity rating of medium with a CVSS score of 5.4.
To fix CVE-2022-21826 in Pulse Secure, you should update to a version higher than 9.115.
You can find more information about CVE-2022-21826 at the following link: [Pulse Security Advisories](https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/)