Command Injection Vulnerability in Pulse Connect Secure

Command Injection Vulnerability in Pulse Connect Secure

CVE-2021-22938 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

A vulnerability in Pulse Connect Secure before 9.1R12 could allow an authenticated administrator to perform command injection via an unsanitized web parameter in the administrator web console.

Learn more about our Web App Pen Testing.