CVE-2022-35258

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2022-35258
An unauthenticated attacker can cause a denial-of-service to the following products: Ivanti Connect Secure (ICS) in versions prior to 9.1R14.3, 9.1R15.2, 9.1R16.2, and 22.2R4, Ivanti Policy Secure (IPS) in versions prior to 9.1R17 and 22.3R1, and Ivanti Neurons for Zero-Trust Access in versions prior to 22.3R1.

7.5 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA45520/?kA23Z000000GH5OSAW Third Party Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:-:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r1.0:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r10.0:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r10.2:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r11.0:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r11.1:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r11.3:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r11.4:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r11.5:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r12:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r12.1:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r12.2:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r13:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r13.1:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r14:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r15:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r16:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r16.1:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r2:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r2.0:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r3:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r3.0:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r4:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r4.0:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r4.1:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r4.2:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r5:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r5.0:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r6:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r6.0:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r7:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r7.0:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r8:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r8.0:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r8.1:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r8.2:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r8.4:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r9:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r9.0:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r9.1:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r9.2:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:21.9:r1:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:21.12:r1:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:22.1:r1:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:22.2:-:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:22.2:r1:*:*:*:*:*:*
cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.2:r1:*:*:*:*:*:*
cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*
cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:*
cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*
cpe:2.3:a:ivanti:policy_secure:9.1:r10:*:*:*:*:*:*
cpe:2.3:a:ivanti:policy_secure:9.1:r11:*:*:*:*:*:*
cpe:2.3:a:ivanti:policy_secure:9.1:r12:*:*:*:*:*:*
cpe:2.3:a:ivanti:policy_secure:9.1:r13:*:*:*:*:*:*
cpe:2.3:a:ivanti:policy_secure:9.1:r13.1:*:*:*:*:*:*
cpe:2.3:a:ivanti:policy_secure:9.1:r14:*:*:*:*:*:*
cpe:2.3:a:ivanti:policy_secure:9.1:r15:*:*:*:*:*:*
cpe:2.3:a:ivanti:policy_secure:9.1:r16:*:*:*:*:*:*
cpe:2.3:a:ivanti:policy_secure:9.1:r2:*:*:*:*:*:*
cpe:2.3:a:ivanti:policy_secure:9.1:r3:*:*:*:*:*:*
cpe:2.3:a:ivanti:policy_secure:9.1:r3.1:*:*:*:*:*:*
cpe:2.3:a:ivanti:policy_secure:9.1:r4:*:*:*:*:*:*
cpe:2.3:a:ivanti:policy_secure:9.1:r4.1:*:*:*:*:*:*
cpe:2.3:a:ivanti:policy_secure:9.1:r4.2:*:*:*:*:*:*
cpe:2.3:a:ivanti:policy_secure:9.1:r5:*:*:*:*:*:*
cpe:2.3:a:ivanti:policy_secure:9.1:r6:*:*:*:*:*:*
cpe:2.3:a:ivanti:policy_secure:9.1:r7:*:*:*:*:*:*
cpe:2.3:a:ivanti:policy_secure:9.1:r8:*:*:*:*:*:*
cpe:2.3:a:ivanti:policy_secure:9.1:r8.1:*:*:*:*:*:*
cpe:2.3:a:ivanti:policy_secure:9.1:r8.2:*:*:*:*:*:*
cpe:2.3:a:ivanti:policy_secure:9.1:r9:*:*:*:*:*:*
cpe:2.3:a:ivanti:policy_secure:22.1:r1:*:*:*:*:*:*
cpe:2.3:a:ivanti:policy_secure:22.2:r1:*:*:*:*:*:*
History

27 Feb 2024, 21:04

Type Values Removed Values Added
CPE cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r1.0:*:*:*:*:*:*
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r13.1:*:*:*:*:*:*
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r8.1:*:*:*:*:*:*
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r12.1:*:*:*:*:*:*
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r2.0:*:*:*:*:*:*
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r7.0:*:*:*:*:*:*
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r13:*:*:*:*:*:*
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r8.2:*:*:*:*:*:*
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r1:*:*:*:*:*:*
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r3:*:*:*:*:*:*
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r8.4:*:*:*:*:*:*
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r7:*:*:*:*:*:*
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r12:*:*:*:*:*:*
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r11.3:*:*:*:*:*:*
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r11.0:*:*:*:*:*:*
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r11.5:*:*:*:*:*:*
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r5:*:*:*:*:*:*
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r5.0:*:*:*:*:*:*
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r3.0:*:*:*:*:*:*
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r4:*:*:*:*:*:*
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r6:*:*:*:*:*:*
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:-:*:*:*:*:*:*
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r4.2:*:*:*:*:*:*
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r4.0:*:*:*:*:*:*
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r11.4:*:*:*:*:*:*
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r8:*:*:*:*:*:*
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r9:*:*:*:*:*:*
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r9.1:*:*:*:*:*:*
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r6.0:*:*:*:*:*:*
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r9.2:*:*:*:*:*:*
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r10.0:*:*:*:*:*:*
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r4.1:*:*:*:*:*:*
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r8.0:*:*:*:*:*:*
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r10.2:*:*:*:*:*:*
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r11.1:*:*:*:*:*:*
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r12.2:*:*:*:*:*:*
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r4.3:*:*:*:*:*:*
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r2:*:*:*:*:*:*
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r14:*:*:*:*:*:*
cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r9.0:*:*:*:*:*:*		 cpe:2.3:a:ivanti:connect_secure:9.1:r8.0:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r4.0:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r12.2:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r9:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r4.2:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:-:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r4.1:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r4:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r8.2:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r3:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r11.1:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r3.0:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r12.1:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r2:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r1.0:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r13:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r6.0:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r11.3:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r8.4:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r11.4:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r10.0:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r6:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r5.0:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r11.5:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r8:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r11.0:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r9.0:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r7.0:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r10.2:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r2.0:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r12:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r13.1:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r5:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r9.1:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r8.1:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r7:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r14:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:9.1:r9.2:*:*:*:*:*:*

16 Jan 2024, 19:18

Type Values Removed Values Added
New CVE
Information

Published : 2022-12-05 22:15

Updated : 2024-02-27 21:04

NVD link : CVE-2022-35258

Mitre link : CVE-2022-35258

CVE.ORG link : CVE-2022-35258

JSON object : View

Products Affected

ivanti

  • policy_secure
  • neurons_for_zero-trust_access
  • connect_secure
CWE
CWE-682

Incorrect Calculation

CWE-128

Wrap-around Error