Rewterz Threat Advisory – Multiple IBM QRadar User Behavior Analytics Vulnerabilities
May 17, 2021Rewterz Threat Advisory – CVE-2021-1463 – Cisco Unified Intelligence Center Reflected Cross-Site Scripting Vulnerability
May 18, 2021Rewterz Threat Advisory – Multiple IBM QRadar User Behavior Analytics Vulnerabilities
May 17, 2021Rewterz Threat Advisory – CVE-2021-1463 – Cisco Unified Intelligence Center Reflected Cross-Site Scripting Vulnerability
May 18, 2021Severity
High
Analysis Summary
CVE-2021-22908
Buffer Overflow in Windows File Resource Profiles in 9.X allows a remote authenticated user with privileges to browse SMB shares to execute arbitrary code as the root user. As of version 9.1R3, this permission is not enabled by default.
Impact
Windows File Share Browser
Affected Vendors
Pulse Connect
Affected Products
- Pulse Connect Secure 9.0RX
- Pulse Connect Secure 9.1RX
Remediation
The solution for this vulnerability is to upgrade the Pulse Connect Secure server software version to the 9.1R.11.5.