CVE-2021-22900

Ivanti Pulse Connect Secure Unrestricted File Upload Vulnerability

Description

Ivanti Pulse Connect Secure contains an unrestricted file upload vulnerability that allows an authenticated administrator to perform a file write via a maliciously crafted archive upload in the administrator web interface.

Severity: HIGH

CVSS Score: 7.2

Vendor: Ivanti

Product: Pulse Connect Secure