What the vulnerability does

01Description

A vulnerability in Pulse Connect Secure before 9.1R12 could allow an authenticated administrator to perform command injection via an unsanitized web parameter in the administrator web console.

Key dates

02Disclosure timeline

August 16, 2021 CVE published
August 3, 2024 Record updated