CVE-2021-22899: Ivanti Pulse Connect Secure Command Injection
Ivanti Pulse Connect Secure Command Injection Vulnerability. Ivanti Pulse Connect Secure contains a command injection vulnerability that allows remote authenticated users to perform remote code execution via Windows File Resource Profiles.
- CISA KEV-listed (remediation due 2022-05-03)
- EPSS 19.5% (95.5% percentile)