CVE-2021-22900

Ivanti

KEV
  • Vendors: Ivanti

🛡️ Vulnerability overview CVE-2021-22900

Reference CISA’s ED 21-03 (https://www.cisa.gov/news-events/directives/ed-21-03-mitigate-pulse-connect-secure-product-vulnerabilities) for further guidance and requirements. Note: The due date for addressing this vulnerability aligns with the requirements outlined in ED 21-03. https://nvd.nist.gov/vuln/detail/CVE-2021-22900

📊 Technical details

  • Severity:
  • CVSS:
  • Vendor:

🧩 Affected products

  • Not specified.
  • Update to the latest available version
  • Monitor logs and network traffic
  • Apply least-privilege and segment the network

🔗 References

  • No related CVEs.

Subscribe for CVE alerts

Reference CISA’s ED 21-03 (https://www.cisa.gov/news-events/directives/ed-21-03-mitigate-pulse-connect-secure-product-vulnerabilities) for further guidance and requirements. Note: The due date for addressing this vulnerability aligns with the requirements outlined in ED 21-03. https://nvd.nist.gov/vuln/detail/CVE-2021-22900

Related CVE by CWE

No related CWE found.

Top CVE for Vendor

No items for this vendor.

Recently Exploited Similar Vulnerabilities

No recent KEV-listed items for this vendor/product.

How to fix CVE-2021-22900

CVE-2021-22900 is a unknown severity vulnerability affecting Ivanti the affected product.

Description: 🛡️ Vulnerability overview CVE-2021-22900 Reference CISA’s ED 21-03 (https://www.cisa.gov/news-events/directives/ed-21-03-mitigate-pulse-connect-secure-product-vulnerabilities) for further guidance and requirements. Note: The due date for addressing this vulnerability aligns with the requirements outlined in ED 21-03. https://nvd.nist.gov/vuln/detail/CVE-2021-22900 📊 Technical details Severity: CVSS: Vendor: 🧩 Affected products Not specified. 🚨 Recommended mitigations Update to the latest available version Monitor logs and network […]

Exploit Difficulty: HARD
⏱️ Time to exploit: > 4 hours
🛠️ Required skills: Advanced security expertise
💰 Public exploits: Rare or not public

How to Fix:

1 Identify affected systems

- Check if you're running the affected product

2 Immediate actions

- Update to the latest patched version
- If patching is not immediately possible: restrict network exposure, apply least-privilege access

3 Verification

- Test the fix in a staging environment first
- Review logs for signs of exploitation
- Monitor for IOCs (Indicators of Compromise)

4 Long-term prevention

- Enable automatic security updates
- Set up vulnerability monitoring
- Review and harden security configurations

Vendor Advisory: https://www.cisa.gov/news-events/directives/ed-21-03-mitigate-pulse-connect-secure-product-vulnerabilities)

Exploit Difficulty Assessment

HARD
⏱️ Time to Exploit: > 4 hours
🛠️ Skills Required: Advanced security expertise
💰 Public Exploits: Rare or not public
🚨 KEV Status: This vulnerability is actively exploited in the wild!

Vulnerability Timeline

Timeline information not available for this CVE.

Detection Rules & IOCs

No specific detection rules generated for this vulnerability type.

Ivanti