Pulse Connect Secure CVE 2021-44720
[description]
Ivanti Pulse Connect Secure (PCS) before 9.1R12 stores the readable administrator password in the HTML source code at "Maintenance > Push Configuration > Targets > (target Name)". A read-only administrative user is able to escalate to a read-write administrative role with the credentials in the HTML source code.
------------------------------------------
[Vulnerability Type]
Incorrect Access Control
------------------------------------------
[Vendor of Product]
Pulse Secure - Ivanti
------------------------------------------
[Affected Product Code Base]
Pulse Connect Secure - before 9.1R12
------------------------------------------
[Impact Escalation of Privileges]
true
------------------------------------------
[Attack Vectors]
Hard-coded admin password in HTML code
------------------------------------------
[Has vendor confirmed or acknowledged the vulnerability?]
true
------------------------------------------
[Discoverer]
Joel Garcia Santisima Trinidad from Secura.com
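
Added example (not part of the original advisory, and not Pulse Secure code): a Python check that a defender or reviewer can run over saved admin-console HTML to flag secret-bearing form fields that the server rendered with a real value, which is the pattern the description reports. The markup, field names and placeholder list are constructed assumptions, not taken from PCS.

```python
from html.parser import HTMLParser


class PrefilledSecretFinder(HTMLParser):
    """Collect secret-like <input> fields rendered with a non-placeholder value."""

    def __init__(self, placeholders=("", "********")):
        super().__init__()
        # Values a server may safely render instead of the stored secret (assumed list).
        self.placeholders = set(placeholders)
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "input":
            return
        a = {k: (v or "") for k, v in attrs}
        kind = a.get("type", "text").lower()
        name = a.get("name", "<unnamed>")
        # Password inputs, plus hidden inputs whose name suggests a password.
        secret_like = kind == "password" or (kind == "hidden" and "pass" in name.lower())
        if secret_like and a.get("value", "") not in self.placeholders:
            # Record the field and the value length only, never the secret itself.
            self.findings.append((name, kind, len(a["value"])))


def audit_page(html):
    """Return (field name, input type, value length) for each exposed secret field."""
    finder = PrefilledSecretFinder()
    finder.feed(html)
    finder.close()
    return finder.findings


# Constructed sample markup; hypothetical field names.
LEAKY = """<form><input type="text" name="target_user" value="admin">
<input type="password" name="target_password" value="S3cret-Example!"></form>"""

# Corrected rendering: the stored secret never leaves the server.
HARDENED = """<form><input type="text" name="target_user" value="admin">
<input type="password" name="target_password" value=""></form>"""

if __name__ == "__main__":
    for label, page in (("leaky", LEAKY), ("hardened", HARDENED)):
        print(label, audit_page(page))
```

A masked password box hides the value only on screen; anyone who can load the page, including a read-only role, can read the `value` attribute in the source.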