Loading
A vulnerability allowed multiple unrestricted uploads in Pulse Connect Secure before 9.1R11.4 that could lead to an authenticated administrator to perform a file write via a maliciously crafted archive upload in the administrator web interface.
Use CWE-94, Ivanti vendor hub and Connect Secure product page to widen CVE-2021-22900 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2025-55145, CVE-2025-55147 and CVE-2025-55142 for nearby disclosures in the same product family. Additional editorial context is available in The Weekly Cybersecurity Brief: February 27th, 2026.