{ "id": "CVE-2022-35258", "sourceIdentifier": "support@hackerone.com", "published": "2022-12-05T22:15:10.627", "lastModified": "2022-12-09T00:33:47.967", "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An unauthenticated attacker can cause a denial-of-service to the following products: Ivanti Connect Secure (ICS) in versions prior to 9.1R14.3, 9.1R15.2, 9.1R16.2, and 22.2R4, Ivanti Policy Secure (IPS) in versions prior to 9.1R17 and 22.3R1, and Ivanti Neurons for Zero-Trust Access in versions prior to 22.3R1." } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" }, "exploitabilityScore": 3.9, "impactScore": 3.6 } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-682" } ] }, { "source": "support@hackerone.com", "type": "Secondary", "description": [ { "lang": "en", "value": "CWE-128" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*", "versionEndExcluding": "9.1", "matchCriteriaId": "3281AC31-EAEC-4C8D-A0AA-3CDD1092D3EE" }, { "vulnerable": true, "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r15:*:*:*:*:*:*", "matchCriteriaId": "CE228FBD-5AD1-4BC6-AF63-5248E671B04F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r16:*:*:*:*:*:*", "matchCriteriaId": "44C26423-8621-4F6D-A45B-0A6B6E873AB6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r16.1:*:*:*:*:*:*", "matchCriteriaId": "BC391EB5-C457-459C-8EAA-EA0043487C0B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:ivanti:connect_secure:21.9:r1:*:*:*:*:*:*", "matchCriteriaId": "BD52B87C-4BED-44AE-A959-A316DAF895EC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:ivanti:connect_secure:21.12:r1:*:*:*:*:*:*", "matchCriteriaId": "8CA29F12-36DE-4FBF-9EE7-7CE4B75AFA61" }, { "vulnerable": true, "criteria": "cpe:2.3:a:ivanti:connect_secure:22.1:r1:*:*:*:*:*:*", "matchCriteriaId": "80C56782-273A-4151-BE81-13FEEFE46A6A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:ivanti:connect_secure:22.2:-:*:*:*:*:*:*", "matchCriteriaId": "361FAA47-52FF-4B36-96B0-9C178A4E031B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:ivanti:connect_secure:22.2:r1:*:*:*:*:*:*", "matchCriteriaId": "BCBF6DD0-2826-4E61-8FB6-DB489EBF8981" }, { "vulnerable": true, "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.2:r1:*:*:*:*:*:*", "matchCriteriaId": "24514B40-540E-45D7-90DC-BCC1D9D7E92C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*", "versionEndExcluding": "9.1", "matchCriteriaId": "368E8A56-50E4-4400-8C18-B7426B112FFC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r15:*:*:*:*:*:*", "matchCriteriaId": "4BEE355B-1C2D-4BEB-8922-EAEAA5A1FAE8" }, { "vulnerable": true, "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r16:*:*:*:*:*:*", "matchCriteriaId": "B90687F3-A5C1-4706-AD66-D78EE512E4C9" }, { "vulnerable": true, "criteria": "cpe:2.3:a:ivanti:policy_secure:22.1:r1:*:*:*:*:*:*", "matchCriteriaId": "A385F38B-0B03-4B69-B7A1-952F5BAE727C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:ivanti:policy_secure:22.2:r1:*:*:*:*:*:*", "matchCriteriaId": "34C118FB-7AE0-466C-822A-348A2F6016AC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:-:*:*:*:*:*:*", "matchCriteriaId": "8E84076A-C4AB-4C41-B325-F9557080E95A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r1:*:*:*:*:*:*", "matchCriteriaId": "1252710D-3A38-4C4D-8B97-1CEB6668A67B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r1.0:*:*:*:*:*:*", "matchCriteriaId": "271D0BBE-0129-4F40-A19C-0BF9E248A44D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r10.0:*:*:*:*:*:*", "matchCriteriaId": "A7198897-DA21-4E8C-B32F-0036300B2C66" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r10.2:*:*:*:*:*:*", "matchCriteriaId": "63161280-A39B-463A-BCA2-DBAA44E8C4E4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r11.0:*:*:*:*:*:*", "matchCriteriaId": "575E6DC1-9EEF-40A7-8B78-E88AA9536340" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r11.1:*:*:*:*:*:*", "matchCriteriaId": "9E7214B7-3289-41DA-A3A7-FACFD0241EEE" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r11.3:*:*:*:*:*:*", "matchCriteriaId": "BCBD2F13-C156-46B4-A5FB-FD23D5076E56" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r11.4:*:*:*:*:*:*", "matchCriteriaId": "06395B45-415B-42F0-B236-4FBE14157C64" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r11.5:*:*:*:*:*:*", "matchCriteriaId": "C2ABAD19-EA53-43CC-8A42-33FD2BA098E7" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r12:*:*:*:*:*:*", "matchCriteriaId": "83FD8E6D-EFA2-4A02-9BAD-BF0F45848AA4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r12.1:*:*:*:*:*:*", "matchCriteriaId": "A0A04C77-DE79-40C0-95B6-24CF1F6E0B88" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r12.2:*:*:*:*:*:*", "matchCriteriaId": "18803EFF-35B5-43F3-9803-D7507E6B5796" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r13:*:*:*:*:*:*", "matchCriteriaId": "7E7DFA97-A7A6-46B0-8D07-F417BEB9F1F3" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r13.1:*:*:*:*:*:*", "matchCriteriaId": "50D4A34B-CB28-4645-8493-CB8DBD58424B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r14:*:*:*:*:*:*", "matchCriteriaId": "AFAF41C4-4F75-4C3E-8746-3B76BF32B008" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r2:*:*:*:*:*:*", "matchCriteriaId": "C272B0B1-A08A-46D9-A8FB-5B2CF0C70A94" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r2.0:*:*:*:*:*:*", "matchCriteriaId": "2E9ED39C-A76A-4D7E-B4DC-516FF411FE79" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r3:*:*:*:*:*:*", "matchCriteriaId": "002F211E-954E-4881-80B1-D92C77A3687D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r3.0:*:*:*:*:*:*", "matchCriteriaId": "20B061C7-AB19-4EA0-BB87-59E897516327" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r4:*:*:*:*:*:*", "matchCriteriaId": "648BE1FA-7B29-416E-B827-25941170AB32" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r4.0:*:*:*:*:*:*", "matchCriteriaId": "2A2338A6-CFEB-40D8-BA96-F7CE37B862FC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r4.1:*:*:*:*:*:*", "matchCriteriaId": "DFE6AF6A-F6C4-4463-8316-5BAB9A13452F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r4.2:*:*:*:*:*:*", "matchCriteriaId": "79B29059-9C55-455F-8B96-525BCF4E1DFE" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r4.3:*:*:*:*:*:*", "matchCriteriaId": "69567696-0EED-425F-B6E9-86DE4CF6F4A5" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r5:*:*:*:*:*:*", "matchCriteriaId": "C17EC167-CA23-47DD-9403-9087376963E9" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r5.0:*:*:*:*:*:*", "matchCriteriaId": "3F445B6E-0EF4-423A-A7FF-E1916DEED24F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r6:*:*:*:*:*:*", "matchCriteriaId": "47BCB978-25F4-4B31-9806-B3458962DC91" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r6.0:*:*:*:*:*:*", "matchCriteriaId": "1C86C96D-F82C-4A6F-B90F-A00DE7B1448D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r7:*:*:*:*:*:*", "matchCriteriaId": "B4FB8381-79D4-42F4-910F-C574F8F0D322" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r7.0:*:*:*:*:*:*", "matchCriteriaId": "C2664F97-0BC2-4DA2-A1FE-14A47634553B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r8:*:*:*:*:*:*", "matchCriteriaId": "96E3A807-BCFB-4A19-90D3-BDB3A5A36161" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r8.0:*:*:*:*:*:*", "matchCriteriaId": "29AC3CD5-E7D7-48D1-A87E-AF53DDB1E720" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r8.1:*:*:*:*:*:*", "matchCriteriaId": "A8762030-CFCE-4524-9DB1-8C4796C1A885" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r8.2:*:*:*:*:*:*", "matchCriteriaId": "333A0F57-87A7-459D-8CA3-2CBED3219B78" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r8.4:*:*:*:*:*:*", "matchCriteriaId": "CEA21BBB-F2F3-4B25-8F52-5B25DA0D49DA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r9:*:*:*:*:*:*", "matchCriteriaId": "4825004D-60A3-4E36-890E-2CDFB20FC726" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r9.0:*:*:*:*:*:*", "matchCriteriaId": "4AF247A2-8E43-4D16-AC14-8B0BE67687DB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r9.1:*:*:*:*:*:*", "matchCriteriaId": "96352DBB-92FD-44DE-8820-9931CF926C8C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r9.2:*:*:*:*:*:*", "matchCriteriaId": "8DDFCAAC-B447-425E-967C-AA0A93860B9E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:-:*:*:*:*:*:*", "matchCriteriaId": "937A242A-0134-47B2-802C-894AFDC20A48" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r1:*:*:*:*:*:*", "matchCriteriaId": "1A99A84F-1E38-4B2E-B482-41E975D2B992" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r10:*:*:*:*:*:*", "matchCriteriaId": "1BA55FFD-9A77-4EA1-B03C-A35294900E03" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r11:*:*:*:*:*:*", "matchCriteriaId": "42EB6416-1627-42B7-A829-E71F6A99FDE2" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r12:*:*:*:*:*:*", "matchCriteriaId": "9187D4D3-EA76-4445-99BC-CF0D1EAF9B6F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r13:*:*:*:*:*:*", "matchCriteriaId": "CAEAE3E4-E8D2-4D62-9D2D-7F716B5AABD6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r13.1:*:*:*:*:*:*", "matchCriteriaId": "CFC56796-7FE3-4E6A-BF0F-AC66A4E5367C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r14:*:*:*:*:*:*", "matchCriteriaId": "DD18DECB-0500-41CD-9B15-34FCEEB9F762" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r2:*:*:*:*:*:*", "matchCriteriaId": "6A1B7EB7-57CA-4578-8F95-6FE90C41C70A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r3:*:*:*:*:*:*", "matchCriteriaId": "3CA870E8-C3B6-49AC-8905-B747B97E17B2" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r3.1:*:*:*:*:*:*", "matchCriteriaId": "F620CA05-5DD2-4307-AA90-479BA9859A60" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r4:*:*:*:*:*:*", "matchCriteriaId": "4C37ACCA-84F7-4D20-9695-2B028791967A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r4.1:*:*:*:*:*:*", "matchCriteriaId": "38A0D053-0AE0-410C-82F1-577C1E8E3913" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r4.2:*:*:*:*:*:*", "matchCriteriaId": "2C415B9E-F65C-4189-8AA6-DE39A0DE33F4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r5:*:*:*:*:*:*", "matchCriteriaId": "2D91B4D9-54B5-4D5D-BC11-D5A9E2A8E518" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r6:*:*:*:*:*:*", "matchCriteriaId": "C768F191-8685-4723-B0B4-5D6DA97318DD" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r7:*:*:*:*:*:*", "matchCriteriaId": "CF6EB502-E2B1-4D8B-ACE7-6C998D29DBE8" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r8:*:*:*:*:*:*", "matchCriteriaId": "1EE141EA-2EF9-4229-B618-59853628743A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r8.1:*:*:*:*:*:*", "matchCriteriaId": "6ADA12DC-C223-4037-92B9-70C385B52A6D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r8.2:*:*:*:*:*:*", "matchCriteriaId": "DFF39371-F9CE-437A-9720-CD6B2721968B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r9:*:*:*:*:*:*", "matchCriteriaId": "7DF7ED4E-F2E6-4FB4-AE20-7E98EC5F9918" } ] } ] } ], "references": [ { "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA45520/?kA23Z000000GH5OSAW", "source": "support@hackerone.com", "tags": [ "Third Party Advisory" ] } ] }