VYPR
Unrated severityNVD Advisory· Published May 14, 2021· Updated Aug 3, 2024

CVE-2021-31922

CVE-2021-31922

Description

An HTTP Request Smuggling vulnerability in Pulse Secure Virtual Traffic Manager before 21.1 could allow an attacker to smuggle an HTTP request through an HTTP/2 Header. This vulnerability is resolved in 21.1, 20.3R1, 20.2R1, 20.1R2, 19.2R4, and 18.2R3.

Affected products

2
  • Pulse Secure/Virtual Traffic Managerdescription
  • Range: <21.1 (or fixed in 21.1, 20.3R1, 20.2R1, 20.1R2, 19.2R4, 18.2R3)

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.