Loading
A command injection vulnerability exists in Pulse Connect Secure before 9.1R11.4 allows a remote authenticated attacker to perform remote code execution via Windows Resource Profiles Feature
Use CWE-77, Ivanti vendor hub and Connect Secure product page to widen CVE-2021-22899 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2025-55145, CVE-2025-55147 and CVE-2025-55142 for nearby disclosures in the same product family. Additional editorial context is available in The Weekly Cybersecurity Brief: February 27th, 2026.