vulnerability

CVE-2019-11510: Pulse Secure Connect unauthenticated arbitrary file read

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
8	(AV:N/AC:L/Au:N/C:P/I:P/A:P)	May 8, 2019	Sep 18, 2019	May 3, 2022

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:P/A:P)

Published

May 8, 2019

Added

Sep 18, 2019

Modified

May 3, 2022

Description

In Pulse Secure Pulse Connect Secure (PCS) before 8.1R15.1, 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an unauthenticated remote attacker can send a specially crafted URI to perform an arbitrary file reading vulnerability.

Solution(s)

pulse-secure-connect-upgrade-8_1R15_1pulse-secure-connect-upgrade-8_2R12_1pulse-secure-connect-upgrade-8_3R7_1pulse-secure-connect-upgrade-9_0R3_4pulse-secure-connect-upgrade-9_0R4_0

References

BID-108073
CVE-2019-11510
https://attackerkb.com/topics/CVE-2019-11510
URL-https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101/

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today