PT-2021-19597 · Pulse Secure · Pulse Secure Virtual Traffic Manager

Published: 2021-05-14 · Updated: 2022-07-12 · CVE-2021-31922

CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions:
Pulse Secure Virtual Traffic Manager versions prior to 21.1
Pulse Secure Virtual Traffic Manager versions 20.3 through 20.3R1
Pulse Secure Virtual Traffic Manager versions 20.2 through 20.2R1
Pulse Secure Virtual Traffic Manager versions 20.1 through 20.1R2
Pulse Secure Virtual Traffic Manager versions 19.2 through 19.2R4
Pulse Secure Virtual Traffic Manager versions 18.2 through 18.2R3
Description: An HTTP Request Smuggling issue could allow an attacker to smuggle an HTTP request through an HTTP/2 Header.
Recommendations: For versions prior to 21.1, update to version 21.1 or later. For versions 20.3, update to 20.3R1 or later. For versions 20.2, update to 20.2R1 or later. For versions 20.1, update to 20.1R2 or later. For versions 19.2, update to 19.2R4 or later. For versions 18.2, update to 18.2R3 or later.

Exploit

Fix

HTTP Request/Response Smuggling

Weakness Enumeration

Related Identifiers

CVE-2021-31922

Affected Products

Pulse Secure Virtual Traffic Manager