Reset Search
 

 

Article

KB45013 - CVE-2022-23852 - Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES.

« Go Back

Information

 
Last Modified Date2/24/2022 10:17 PM
Synopsis
Problem or Goal
A vulnerability has been reported on the 23rd of Jan 2022 under https://nvd.nist.gov/vuln/detail/CVE-2022-23852

Description - Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES.

Related link: https://access.redhat.com/security/cve/cve-2022-23852
Cause
Solution
Ivanti Pulse Engineering teams are aware of these vulnerabilities and we will keep this KB updated,

ProductCVSS Score / Exploitability if ApplicableImpactFix
Pulse Secure Virtual Traffic Manager AffectedvTM 22.1 (April 2022)
Pulse Secure Services DirectorCVSS Score 7.2
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Pulse Secure Services Director is potentially vulnerable, however, is only accessible to users with admin level privileges. The attack vector is highly complex and requires admin level privileges so exploitability factor is low.
AffectedTBD
Pulse Secure Web Application FirewallCVSS Score 7.2
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Some configuration management features are potentially vulnerable however these features are only accessible to users with admin level privileges. The attack vector is highly complex and requires admin level privileges so exploitability factor is low.
AffectedTo be Bundled with vTM 22.1 (Tentative for April, 2022)
 
Pulse Connect SecureCVSS Score 7.5
CVSS3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
For this to be successfully exploited on the PCS Server, an authenticated user session between Client and Server is required.  This makes the attack vector highly complex and exploitability factor medium to low.
Affected9.1R15 (Tentative for April, 2022)
Ivanti Connect Secure (ICS)CVSS Score 7.5
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
For this to be successfully exploited on the PCS Server, an authenticated user session between Client and Server is required. This makes the attack vector highly complex and exploitability factor medium to low.
Affected22.3 (Tentative for April, 2022)
Pulse Policy SecureN/ANot Affected 
Pulse Desktop ClientCVSS Score 7.5
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
For the exploit to succeed on the endpoint target, it requires an authenticated user session between Client and Server and the Server to be in compromised state. This makes the attack vector highly complex and exploitability factor medium to low.
AffectedPulse 9.1R15 (Tentative for April, 2022)
Pulse Mobile ClientN/ANot Affected 
Pulse OneN/ANot Exploitable* 
Ivanti Neurons for ZTAN/ANot Vulnerable** 
Ivanti Neurons for secure AccessN/ANot Vulnerable** 

* When package/Library is present but not used.
** When package/Library is present and used but it does not have the connectors (Prerequisites) to be vulnerable.
 
Related Links
Attachment 1 
Created ByRaghu Kumar

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255