CVE-2022-21826

Summary

CVE	CVE-2022-21826
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2022-09-30 17:15:00 UTC
Updated	2022-10-04 18:13:00 UTC
Description	Pulse Secure version 9.115 and below may be susceptible to client-side http request smuggling, When the application receives a POST request, it ignores the request's Content-Length header and leaves the POST body on the TCP/TLS socket. This body ends up prefixing the next HTTP request sent down that connection, this means when someone loads website attacker may be able to make browser issue a POST to the application, enabling XSS.

Risk And Classification

Problem Types: CWE-444

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Pulsesecure	Pulse Connect Secure	All	All	All	All
Application	Pulsesecure	Pulse Connect Secure	9.1	-	All	All
Application	Pulsesecure	Pulse Connect Secure	9.1	r1	All	All
Application	Pulsesecure	Pulse Connect Secure	9.1	r1.0	All	All
Application	Pulsesecure	Pulse Connect Secure	9.1	r10.0	All	All
Application	Pulsesecure	Pulse Connect Secure	9.1	r10.2	All	All
Application	Pulsesecure	Pulse Connect Secure	9.1	r11.0	All	All
Application	Pulsesecure	Pulse Connect Secure	9.1	r11.1	All	All
Application	Pulsesecure	Pulse Connect Secure	9.1	r11.3	All	All
Application	Pulsesecure	Pulse Connect Secure	9.1	r11.4	All	All
Application	Pulsesecure	Pulse Connect Secure	9.1	r12	All	All
Application	Pulsesecure	Pulse Connect Secure	9.1	r12.1	All	All
Application	Pulsesecure	Pulse Connect Secure	9.1	r12.2	All	All
Application	Pulsesecure	Pulse Connect Secure	9.1	r13	All	All
Application	Pulsesecure	Pulse Connect Secure	9.1	r15	All	All
Application	Pulsesecure	Pulse Connect Secure	9.1	r2	All	All
Application	Pulsesecure	Pulse Connect Secure	9.1	r2.0	All	All
Application	Pulsesecure	Pulse Connect Secure	9.1	r3	All	All
Application	Pulsesecure	Pulse Connect Secure	9.1	r3.0	All	All
Application	Pulsesecure	Pulse Connect Secure	9.1	r4	All	All
Application	Pulsesecure	Pulse Connect Secure	9.1	r4.0	All	All
Application	Pulsesecure	Pulse Connect Secure	9.1	r4.1	All	All
Application	Pulsesecure	Pulse Connect Secure	9.1	r4.2	All	All
Application	Pulsesecure	Pulse Connect Secure	9.1	r4.3	All	All
Application	Pulsesecure	Pulse Connect Secure	9.1	r5	All	All
Application	Pulsesecure	Pulse Connect Secure	9.1	r5.0	All	All
Application	Pulsesecure	Pulse Connect Secure	9.1	r6	All	All
Application	Pulsesecure	Pulse Connect Secure	9.1	r6.0	All	All
Application	Pulsesecure	Pulse Connect Secure	9.1	r7	All	All
Application	Pulsesecure	Pulse Connect Secure	9.1	r7.0	All	All
Application	Pulsesecure	Pulse Connect Secure	9.1	r8	All	All
Application	Pulsesecure	Pulse Connect Secure	9.1	r8.0	All	All
Application	Pulsesecure	Pulse Connect Secure	9.1	r8.1	All	All
Application	Pulsesecure	Pulse Connect Secure	9.1	r8.2	All	All
Application	Pulsesecure	Pulse Connect Secure	9.1	r8.4	All	All
Application	Pulsesecure	Pulse Connect Secure	9.1	r9	All	All
Application	Pulsesecure	Pulse Connect Secure	9.1	r9.0	All	All
Application	Pulsesecure	Pulse Connect Secure	9.1	r9.1	All	All
Application	Pulsesecure	Pulse Connect Secure	9.1	r9.2	All	All

References

Reference	Source	Link	Tags
Public KB - SA45476 - Client Side Desync Attack (Informational)	MISC	kb.pulsesecure.net
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

Legacy QID Mappings

38899 Ivanti Pulse Connect Secure Client Side Desync Attack Vulnerability (SA45476)