vulnerability

Pulse Secure Pulse Connect Secure: CVE-2019-11509: Multiple vulnerabilities resolved in Pulse Connect Secure / Pulse Policy Secure 9.0RX (SA44101)

Severity
7
CVSS
(AV:N/AC:L/Au:S/C:P/I:P/A:P)
Published
Jun 3, 2019
Added
Oct 28, 2020
Modified
Feb 15, 2024

Description

In Pulse Secure Pulse Connect Secure (PCS) before 8.1R15.1, 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4 and Pulse Policy Secure (PPS) before 5.1R15.1, 5.2 before 5.2R12.1, 5.3 before 5.3R15.1, 5.4 before 5.4R7.1, and 9.0 before 9.0R3.2, an authenticated attacker (via the admin web interface) can exploit Incorrect Access Control to execute arbitrary code on the appliance.

Solution(s)

pulse-secure-pulse-connect-secure-upgrade-8_1r15_1pulse-secure-pulse-connect-secure-upgrade-8_2r12_1pulse-secure-pulse-connect-secure-upgrade-8_3r7_1pulse-secure-pulse-connect-secure-upgrade-9_0r4
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.