CVE-2021-22900CISA KEVEPSS p96.1%

CVE-2021-22900Ivanti Pulse Connect Secure Unrestricted File Upload Vulnerability

Ivanti / Pulse Connect Secure

Description

Ivanti Pulse Connect Secure contains an unrestricted file upload vulnerability that allows an authenticated administrator to perform a file write via a maliciously crafted archive upload in the administrator web interface.

Scoring

EPSS14.15% probability of exploitation · percentile 96.1% · 2026-06-18T12:00:27Z

CISA KEV entry

Added to KEV: 2021-11-03

(incoming)1

TypeTargetConfidenceTier
KEVEntryIvanti Pulse Connect Secure Unrestricted File Upload Vulnerabilitykev-cve-2021-229000%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
Ivanti Pulse Connect Secure Code Execution Vulnerability
CVE
Ivanti Pulse Connect Secure Command Injection Vulnerability
CVE
Ivanti Pulse Connect Secure Arbitrary File Read Vulnerability
CVE
Ivanti Pulse Connect Secure and Policy Secure Command Injection Vulnerability
CVE
Ivanti Connect Secure and Policy Secure Command Injection Vulnerability
CVE
Ivanti Pulse Connect Secure Use-After-Free Vulnerability
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.