Rewterz

Rewterz Threat Advisory – Multiple IBM QRadar User Behavior Analytics Vulnerabilities

May 17, 2021
Rewterz

Rewterz Threat Advisory – CVE-2021-1463 – Cisco Unified Intelligence Center Reflected Cross-Site Scripting Vulnerability

May 18, 2021

Rewterz Threat Advisory – CVE-2021-22908 – Pulse Connect Secure Buffer Overflow Vulnerability

Severity

High

Analysis Summary

CVE-2021-22908

Buffer Overflow in Windows File Resource Profiles in 9.X allows a remote authenticated user with privileges to browse SMB shares to execute arbitrary code as the root user. As of version 9.1R3, this permission is not enabled by default.

Impact

Windows File Share Browser

Affected Vendors

Pulse Connect

Affected Products

  • Pulse Connect Secure 9.0RX
  • Pulse Connect Secure 9.1RX

Remediation

The solution for this vulnerability is to upgrade the Pulse Connect Secure server software version to the 9.1R.11.5.

https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB43892?q=pulse+elevated&atype=sa&l=en_US&fs=Search&pn=1

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.