CVE-2022-35258

An unauthenticated attacker can cause a denial-of-service to the following products: Ivanti Connect Secure (ICS) in versions prior to 9.1R14.3, 9.1R15.2, 9.1R16.2, and 22.2R4, Ivanti Policy Secure (IPS) in versions prior to 9.1R17 and 22.3R1, and Ivanti Neurons for Zero-Trust Access in versions prior to 22.3R1.

Weakness

The product performs a calculation that generates incorrect or unintended results that are later used in security-critical decisions or resource management.

Affected Software

Name	Vendor	Start Version	End Version
Connect_secure	Ivanti	*	9.1 (excluding)
Connect_secure	Ivanti	9.1 (including)	9.1 (including)
Connect_secure	Ivanti	9.1-r1 (including)	9.1-r1 (including)
Connect_secure	Ivanti	9.1-r1.0 (including)	9.1-r1.0 (including)
Connect_secure	Ivanti	9.1-r10.0 (including)	9.1-r10.0 (including)
Connect_secure	Ivanti	9.1-r10.2 (including)	9.1-r10.2 (including)
Connect_secure	Ivanti	9.1-r11.0 (including)	9.1-r11.0 (including)
Connect_secure	Ivanti	9.1-r11.1 (including)	9.1-r11.1 (including)
Connect_secure	Ivanti	9.1-r11.3 (including)	9.1-r11.3 (including)
Connect_secure	Ivanti	9.1-r11.4 (including)	9.1-r11.4 (including)
Connect_secure	Ivanti	9.1-r11.5 (including)	9.1-r11.5 (including)
Connect_secure	Ivanti	9.1-r12 (including)	9.1-r12 (including)
Connect_secure	Ivanti	9.1-r12.1 (including)	9.1-r12.1 (including)
Connect_secure	Ivanti	9.1-r12.2 (including)	9.1-r12.2 (including)
Connect_secure	Ivanti	9.1-r13 (including)	9.1-r13 (including)
Connect_secure	Ivanti	9.1-r13.1 (including)	9.1-r13.1 (including)
Connect_secure	Ivanti	9.1-r14 (including)	9.1-r14 (including)
Connect_secure	Ivanti	9.1-r15 (including)	9.1-r15 (including)
Connect_secure	Ivanti	9.1-r16 (including)	9.1-r16 (including)
Connect_secure	Ivanti	9.1-r16.1 (including)	9.1-r16.1 (including)
Connect_secure	Ivanti	9.1-r2 (including)	9.1-r2 (including)
Connect_secure	Ivanti	9.1-r2.0 (including)	9.1-r2.0 (including)
Connect_secure	Ivanti	9.1-r3 (including)	9.1-r3 (including)
Connect_secure	Ivanti	9.1-r3.0 (including)	9.1-r3.0 (including)
Connect_secure	Ivanti	9.1-r4 (including)	9.1-r4 (including)
Connect_secure	Ivanti	9.1-r4.0 (including)	9.1-r4.0 (including)
Connect_secure	Ivanti	9.1-r4.1 (including)	9.1-r4.1 (including)
Connect_secure	Ivanti	9.1-r4.2 (including)	9.1-r4.2 (including)
Connect_secure	Ivanti	9.1-r4.3 (including)	9.1-r4.3 (including)
Connect_secure	Ivanti	9.1-r5 (including)	9.1-r5 (including)
Connect_secure	Ivanti	9.1-r5.0 (including)	9.1-r5.0 (including)
Connect_secure	Ivanti	9.1-r6 (including)	9.1-r6 (including)
Connect_secure	Ivanti	9.1-r6.0 (including)	9.1-r6.0 (including)
Connect_secure	Ivanti	9.1-r7 (including)	9.1-r7 (including)
Connect_secure	Ivanti	9.1-r7.0 (including)	9.1-r7.0 (including)
Connect_secure	Ivanti	9.1-r8 (including)	9.1-r8 (including)
Connect_secure	Ivanti	9.1-r8.0 (including)	9.1-r8.0 (including)
Connect_secure	Ivanti	9.1-r8.1 (including)	9.1-r8.1 (including)
Connect_secure	Ivanti	9.1-r8.2 (including)	9.1-r8.2 (including)
Connect_secure	Ivanti	9.1-r8.4 (including)	9.1-r8.4 (including)
Connect_secure	Ivanti	9.1-r9 (including)	9.1-r9 (including)
Connect_secure	Ivanti	9.1-r9.0 (including)	9.1-r9.0 (including)
Connect_secure	Ivanti	9.1-r9.1 (including)	9.1-r9.1 (including)
Connect_secure	Ivanti	9.1-r9.2 (including)	9.1-r9.2 (including)
Connect_secure	Ivanti	21.9-r1 (including)	21.9-r1 (including)
Connect_secure	Ivanti	21.12-r1 (including)	21.12-r1 (including)
Connect_secure	Ivanti	22.1-r1 (including)	22.1-r1 (including)
Connect_secure	Ivanti	22.2 (including)	22.2 (including)
Connect_secure	Ivanti	22.2-r1 (including)	22.2-r1 (including)
Neurons_for_zero-trust_access	Ivanti	22.2-r1 (including)	22.2-r1 (including)
Policy_secure	Ivanti	*	9.1 (excluding)
Policy_secure	Ivanti	9.1 (including)	9.1 (including)
Policy_secure	Ivanti	9.1-r1 (including)	9.1-r1 (including)
Policy_secure	Ivanti	9.1-r10 (including)	9.1-r10 (including)
Policy_secure	Ivanti	9.1-r11 (including)	9.1-r11 (including)
Policy_secure	Ivanti	9.1-r12 (including)	9.1-r12 (including)
Policy_secure	Ivanti	9.1-r13 (including)	9.1-r13 (including)
Policy_secure	Ivanti	9.1-r13.1 (including)	9.1-r13.1 (including)
Policy_secure	Ivanti	9.1-r14 (including)	9.1-r14 (including)
Policy_secure	Ivanti	9.1-r15 (including)	9.1-r15 (including)
Policy_secure	Ivanti	9.1-r16 (including)	9.1-r16 (including)
Policy_secure	Ivanti	9.1-r2 (including)	9.1-r2 (including)
Policy_secure	Ivanti	9.1-r3 (including)	9.1-r3 (including)
Policy_secure	Ivanti	9.1-r3.1 (including)	9.1-r3.1 (including)
Policy_secure	Ivanti	9.1-r4 (including)	9.1-r4 (including)
Policy_secure	Ivanti	9.1-r4.1 (including)	9.1-r4.1 (including)
Policy_secure	Ivanti	9.1-r4.2 (including)	9.1-r4.2 (including)
Policy_secure	Ivanti	9.1-r5 (including)	9.1-r5 (including)
Policy_secure	Ivanti	9.1-r6 (including)	9.1-r6 (including)
Policy_secure	Ivanti	9.1-r7 (including)	9.1-r7 (including)
Policy_secure	Ivanti	9.1-r8 (including)	9.1-r8 (including)
Policy_secure	Ivanti	9.1-r8.1 (including)	9.1-r8.1 (including)
Policy_secure	Ivanti	9.1-r8.2 (including)	9.1-r8.2 (including)
Policy_secure	Ivanti	9.1-r9 (including)	9.1-r9 (including)
Policy_secure	Ivanti	22.1-r1 (including)	22.1-r1 (including)
Policy_secure	Ivanti	22.2-r1 (including)	22.2-r1 (including)

Potential Mitigations

Use languages, libraries, or frameworks that make it easier to handle numbers without unexpected consequences.
Examples include safe integer handling packages such as SafeInt (C++) or IntegerLib (C or C++).
Use languages, libraries, or frameworks that make it easier to handle numbers without unexpected consequences.
Examples include safe integer handling packages such as SafeInt (C++) or IntegerLib (C or C++).

References

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA45520/?kA23Z000000GH5OSAW

NVD	https://nvd.nist.gov/vuln/detail/CVE-2022-35258
CWE	https://cwe.mitre.org/data/definitions/682.html

Incorrect Calculation

Weakness

Affected Software

Potential Mitigations

Related Attack Patterns

References