CVE-2022-35254

CVSS V2 None CVSS V3 None
Description
An unauthenticated attacker can cause a denial-of-service to the following products: Ivanti Connect Secure (ICS) in versions prior to 9.1R14.3, 9.1R15.2, 9.1R16.2, and 22.2R4, Ivanti Policy Secure (IPS) in versions prior to 9.1R17 and 22.3R1, and Ivanti Neurons for Zero-Trust Access in versions prior to 22.3R1.
Overview
  • CVE ID
  • CVE-2022-35254
  • Assigner
  • support@hackerone.com
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2022-12-05T22:15:10
  • Last Modified Date
  • 2022-12-08T19:20:50
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:* 1 OR 9.1
cpe:2.3:a:ivanti:connect_secure:9.1:r15:*:*:*:*:*:* 1 OR
cpe:2.3:a:ivanti:connect_secure:9.1:r16:*:*:*:*:*:* 1 OR
cpe:2.3:a:ivanti:connect_secure:9.1:r16.1:*:*:*:*:*:* 1 OR
cpe:2.3:a:ivanti:connect_secure:21.9:r1:*:*:*:*:*:* 1 OR
cpe:2.3:a:ivanti:connect_secure:21.12:r1:*:*:*:*:*:* 1 OR
cpe:2.3:a:ivanti:connect_secure:22.1:r1:*:*:*:*:*:* 1 OR
cpe:2.3:a:ivanti:connect_secure:22.2:-:*:*:*:*:*:* 1 OR
cpe:2.3:a:ivanti:connect_secure:22.2:r1:*:*:*:*:*:* 1 OR
cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.2:r1:*:*:*:*:*:* 1 OR
cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:* 1 OR 9.1
cpe:2.3:a:ivanti:policy_secure:9.1:r15:*:*:*:*:*:* 1 OR
cpe:2.3:a:ivanti:policy_secure:9.1:r16:*:*:*:*:*:* 1 OR
cpe:2.3:a:ivanti:policy_secure:22.1:r1:*:*:*:*:*:* 1 OR
cpe:2.3:a:ivanti:policy_secure:22.2:r1:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:-:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r1:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r1.0:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r10.0:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r10.2:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r11.0:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r11.1:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r11.3:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r11.4:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r11.5:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r12:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r12.1:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r12.2:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r13:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r13.1:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r14:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r2:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r2.0:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r3:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r3.0:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r4:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r4.0:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r4.1:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r4.2:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r4.3:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r5:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r5.0:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r6:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r6.0:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r7:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r7.0:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r8:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r8.0:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r8.1:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r8.2:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r8.4:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r9:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r9.0:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r9.1:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r9.2:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:-:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r1:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r10:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r11:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r12:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r13:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r13.1:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r14:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r2:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r3:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r3.1:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r4:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r4.1:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r4.2:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r5:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r6:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r7:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r8:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r8.1:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r8.2:*:*:*:*:*:* 1 OR
cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r9:*:*:*:*:*:* 1 OR
History
Created Old Value New Value Data Type Notes
2022-12-07 18:06:37 Added to TrackCVE
2022-12-07 18:15:31 2022-12-05T22:15:10.457 2022-12-05T22:15:10 CVE Published Date updated
2022-12-07 18:15:31 2022-12-05T23:40:11 CVE Modified Date updated
2022-12-07 18:15:31 Awaiting Analysis Undergoing Analysis Vulnerability Status updated
2022-12-08 20:15:59 2022-12-08T19:20:50 CVE Modified Date updated
2022-12-08 20:15:59 Undergoing Analysis Analyzed Vulnerability Status updated
2022-12-08 20:15:59 CWE-400 Weakness Enumeration new
2022-12-08 20:16:01 CPE Information updated