vulnerability
Pulse Secure Pulse Connect Secure: CVE-2016-4791: [Pulse Secure] Information disclosure possible on admin UI (SA40210)
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
6 | (AV:N/AC:L/Au:N/C:P/I:P/A:N) | May 26, 2016 | Oct 28, 2020 | Feb 15, 2024 |
Severity
6
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:N)
Published
May 26, 2016
Added
Oct 28, 2020
Modified
Feb 15, 2024
Description
The administrative user interface in Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r9, and 7.4 before 7.4r13.4 allows remote administrators to enumerate files, read arbitrary files, and conduct server side request forgery (SSRF) attacks via unspecified vectors.
Solution(s)
pulse-secure-pulse-connect-secure-upgrade-7_4r13_4pulse-secure-pulse-connect-secure-upgrade-8_0r9pulse-secure-pulse-connect-secure-upgrade-8_1r2pulse-secure-pulse-connect-secure-upgrade-8_2r1

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.