{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T03:49:33.751","vulnerabilities":[{"cve":{"id":"CVE-2021-22938","sourceIdentifier":"support@hackerone.com","published":"2021-08-16T19:15:13.807","lastModified":"2024-11-21T05:50:58.537","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in Pulse Connect Secure before 9.1R12 could allow an authenticated administrator to perform command injection via an unsanitized web parameter in the administrator web console."},{"lang":"es","value":"Una vulnerabilidad en Pulse Connect Secure, versiones anteriores a 9.1R12, podía permitir a un administrador autenticado llevar a cabo una inyección de comandos por medio de un parámetro web no saneado en la consola web del administrador."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"support@hackerone.com","type":"Secondary","description":[{"lang":"en","value":"CWE-77"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-77"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ivanti:connect_secure:9.1:-:*:*:*:*:*:*","matchCriteriaId":"4F450898-0B06-4073-9B76-BF22F68BD14F"},{"vulnerable":true,"criteria":"cpe:2.3:a:ivanti:connect_secure:9.1:r1.0:*:*:*:*:*:*","matchCriteriaId":"130C8955-BDA4-4518-8EBA-740EB08FC3E4"},{"vulnerable":true,"criteria":"cpe:2.3:a:ivanti:connect_secure:9.1:r10.0:*:*:*:*:*:*","matchCriteriaId":"5AA4B39F-2FB9-4752-B1F1-18812B0990B4"},{"vulnerable":true,"criteria":"cpe:2.3:a:ivanti:connect_secure:9.1:r11.0:*:*:*:*:*:*","matchCriteriaId":"ABD840BF-944E-4F4C-96DC-0256286338F6"},{"vulnerable":true,"criteria":"cpe:2.3:a:ivanti:connect_secure:9.1:r2.0:*:*:*:*:*:*","matchCriteriaId":"4E2D041D-9BDD-416D-B658-1C517C854104"},{"vulnerable":true,"criteria":"cpe:2.3:a:ivanti:connect_secure:9.1:r3.0:*:*:*:*:*:*","matchCriteriaId":"7155EB34-E8E0-49AF-BDA2-FB4BFA44662E"},{"vulnerable":true,"criteria":"cpe:2.3:a:ivanti:connect_secure:9.1:r4.0:*:*:*:*:*:*","matchCriteriaId":"25EE614A-5F32-4CA9-998A-4FAF16DC100C"},{"vulnerable":true,"criteria":"cpe:2.3:a:ivanti:connect_secure:9.1:r5.0:*:*:*:*:*:*","matchCriteriaId":"F49EE829-A2CD-491E-BFC3-7888491D7C58"},{"vulnerable":true,"criteria":"cpe:2.3:a:ivanti:connect_secure:9.1:r6.0:*:*:*:*:*:*","matchCriteriaId":"2254DDF1-7FF3-49E1-8826-91F49A6794F8"},{"vulnerable":true,"criteria":"cpe:2.3:a:ivanti:connect_secure:9.1:r7.0:*:*:*:*:*:*","matchCriteriaId":"B8EA4DA8-CD09-41AC-ADCB-27CF771C016B"},{"vulnerable":true,"criteria":"cpe:2.3:a:ivanti:connect_secure:9.1:r8.0:*:*:*:*:*:*","matchCriteriaId":"4D6CECCB-18BA-4219-95A2-2525A2BDCE36"},{"vulnerable":true,"criteria":"cpe:2.3:a:ivanti:connect_secure:9.1:r9.0:*:*:*:*:*:*","matchCriteriaId":"B7006C07-0E3F-4890-A1B3-533E10924D49"},{"vulnerable":true,"criteria":"cpe:2.3:a:pulsesecure:pulse_connect_secure:*:*:*:*:*:*:*:*","versionEndExcluding":"9.1","matchCriteriaId":"43AF1D62-D827-4495-A4B0-CCA0C2BEE68F"}]}]}],"references":[{"url":"https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44858/?kA23Z000000L6oySAC","source":"support@hackerone.com","tags":["Vendor Advisory"]},{"url":"https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44858/?kA23Z000000L6oySAC","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}