Reset Search
 

 

Article

KB44987 - (CVE-2021-4034) - Local privilege escalation vulnerability was found on polkit's pkexec utility

« Go Back

Information

 
Last Modified Date2/2/2022 7:59 AM
Synopsis
Problem or Goal
A Local privilege escalation vulnerability on polkit's pkexec utility has been reported on the 25th of January, 2022. 

More details can be found in the links below,

https://access.redhat.com/security/cve/CVE-2021-4034
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4034

 
Cause
Solution
Ivanti Pulse Engineering teams have completed their investigation and the complete results are updated in the table below. 
 
ProductImpact
Pulse Secure Virtual Traffic ManagerNot Affected*
Pulse Secure Services DirectorNot Exploitable**
Pulse Secure Web Application FirewallNot Affected*
Pulse Connect SecureNot Affected*
Ivanti Connect Secure (ICS)Not Affected*
Pulse Policy SecureNot Affected*
Pulse Desktop ClientNot Affected*
Pulse Mobile ClientNot Affected*
Pulse OneNot Affected*
Pulse ZTANot Affected*
Ivanti Neurons for ZTANot Affected*
Ivanti Neurons for secure AccessNot Affected*
Note:
* polkit's pkexec utility not used.
** polkit's pkexec utility used is polkit-0.96-11.el6_10.1
Related Links
Attachment 1 
Created ByRaghu Kumar

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255