Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2019-11542
HistoryApr 26, 2019 - 2:29 a.m.

CVE-2019-11542

2019-04-2602:29:00
CWE-787
[email protected]
web.nvd.nist.gov
51
cve
2019
11542
pulse secure
connect secure
policy secure
buffer overflow
admin interface

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

7.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

8 High

AI Score

Confidence

High

0.184 Low

EPSS

Percentile

96.2%

JSON

In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.2RX before 8.2R12.1, and 8.1RX before 8.1R15.1 and Pulse Policy Secure version 9.0RX before 9.0R3.2, 5.4RX before 5.4R7.1, 5.3RX before 5.3R12.1, 5.2RX before 5.2R12.1, and 5.1RX before 5.1R15.1, an authenticated attacker (via the admin web interface) can send a specially crafted message resulting in a stack buffer overflow.

Affected configurations

NVD
Node
ivanticonnect_secureMatch8.1
OR
ivanticonnect_secureMatch8.2
OR
ivanticonnect_secureMatch8.3
OR
pulsesecurepulse_connect_secureMatch8.1r1.0
OR
pulsesecurepulse_connect_secureMatch8.2r1.0
OR
pulsesecurepulse_connect_secureMatch8.2r1.1
OR
pulsesecurepulse_connect_secureMatch8.2r2.0
OR
pulsesecurepulse_connect_secureMatch8.2r3.0
OR
pulsesecurepulse_connect_secureMatch8.2r3.1
OR
pulsesecurepulse_connect_secureMatch8.2r4.0
OR
pulsesecurepulse_connect_secureMatch8.2r4.1
OR
pulsesecurepulse_connect_secureMatch8.2r5.0
OR
pulsesecurepulse_connect_secureMatch8.2r5.1
OR
pulsesecurepulse_connect_secureMatch8.2r6.0
OR
pulsesecurepulse_connect_secureMatch8.2r7.0
OR
pulsesecurepulse_connect_secureMatch8.2r7.1
OR
pulsesecurepulse_connect_secureMatch8.2rx
OR
pulsesecurepulse_connect_secureMatch8.3rx
OR
pulsesecurepulse_connect_secureMatch9.0r1
OR
pulsesecurepulse_connect_secureMatch9.0r2
OR
pulsesecurepulse_connect_secureMatch9.0r2.1
OR
pulsesecurepulse_connect_secureMatch9.0r3
OR
pulsesecurepulse_connect_secureMatch9.0r3.1
OR
pulsesecurepulse_connect_secureMatch9.0r3.2
OR
pulsesecurepulse_connect_secureMatch9.0rx
OR
pulsesecurepulse_policy_secureMatch5.1r1.0
OR
pulsesecurepulse_policy_secureMatch5.1r1.1
OR
pulsesecurepulse_policy_secureMatch5.1r2.0
OR
pulsesecurepulse_policy_secureMatch5.1r2.1
OR
pulsesecurepulse_policy_secureMatch5.1r3.0
OR
pulsesecurepulse_policy_secureMatch5.1r3.2
OR
pulsesecurepulse_policy_secureMatch5.1r4.0
OR
pulsesecurepulse_policy_secureMatch5.1r5.0
OR
pulsesecurepulse_policy_secureMatch5.1r6.0
OR
pulsesecurepulse_policy_secureMatch5.1r7.0
OR
pulsesecurepulse_policy_secureMatch5.1r8.0
OR
pulsesecurepulse_policy_secureMatch5.1r9.0
OR
pulsesecurepulse_policy_secureMatch5.1r9.1
OR
pulsesecurepulse_policy_secureMatch5.1r10.0
OR
pulsesecurepulse_policy_secureMatch5.1r11.0
OR
pulsesecurepulse_policy_secureMatch5.1r11.1
OR
pulsesecurepulse_policy_secureMatch5.1r12.0
OR
pulsesecurepulse_policy_secureMatch5.1r12.1
OR
pulsesecurepulse_policy_secureMatch5.1r13.0
OR
pulsesecurepulse_policy_secureMatch5.1r14.0
OR
pulsesecurepulse_policy_secureMatch5.2r1.0
OR
pulsesecurepulse_policy_secureMatch5.2r2.0
OR
pulsesecurepulse_policy_secureMatch5.2r3.0
OR
pulsesecurepulse_policy_secureMatch5.2r3.2
OR
pulsesecurepulse_policy_secureMatch5.2r4.0
OR
pulsesecurepulse_policy_secureMatch5.2r5.0
OR
pulsesecurepulse_policy_secureMatch5.2r6.0
OR
pulsesecurepulse_policy_secureMatch5.2r7.0
OR
pulsesecurepulse_policy_secureMatch5.2r7.1
OR
pulsesecurepulse_policy_secureMatch5.2r8.0
OR
pulsesecurepulse_policy_secureMatch5.2r9.0
OR
pulsesecurepulse_policy_secureMatch5.2r9.1
OR
pulsesecurepulse_policy_secureMatch5.2r10.0
OR
pulsesecurepulse_policy_secureMatch5.2r11.0
OR
pulsesecurepulse_policy_secureMatch5.2rx
OR
pulsesecurepulse_policy_secureMatch5.3r1.0
OR
pulsesecurepulse_policy_secureMatch5.3r1.1
OR
pulsesecurepulse_policy_secureMatch5.3r2.0
OR
pulsesecurepulse_policy_secureMatch5.3r3.0
OR
pulsesecurepulse_policy_secureMatch5.3r3.1
OR
pulsesecurepulse_policy_secureMatch5.3r4.0
OR
pulsesecurepulse_policy_secureMatch5.3r4.1
OR
pulsesecurepulse_policy_secureMatch5.3r5.0
OR
pulsesecurepulse_policy_secureMatch5.3r5.1
OR
pulsesecurepulse_policy_secureMatch5.3r5.2
OR
pulsesecurepulse_policy_secureMatch5.3r6.0
OR
pulsesecurepulse_policy_secureMatch5.3r7.0
OR
pulsesecurepulse_policy_secureMatch5.3r8.0
OR
pulsesecurepulse_policy_secureMatch5.3r8.1
OR
pulsesecurepulse_policy_secureMatch5.3r8.2
OR
pulsesecurepulse_policy_secureMatch5.3r9.0
OR
pulsesecurepulse_policy_secureMatch5.3r10.
OR
pulsesecurepulse_policy_secureMatch5.3r11.0
OR
pulsesecurepulse_policy_secureMatch5.3r12.0
OR
pulsesecurepulse_policy_secureMatch5.3rx
OR
pulsesecurepulse_policy_secureMatch5.4r1
OR
pulsesecurepulse_policy_secureMatch5.4r2
OR
pulsesecurepulse_policy_secureMatch5.4r2.1
OR
pulsesecurepulse_policy_secureMatch5.4r3
OR
pulsesecurepulse_policy_secureMatch5.4r4
OR
pulsesecurepulse_policy_secureMatch5.4r5
OR
pulsesecurepulse_policy_secureMatch5.4r5.2
OR
pulsesecurepulse_policy_secureMatch5.4r6
OR
pulsesecurepulse_policy_secureMatch5.4r6.1
OR
pulsesecurepulse_policy_secureMatch5.4r7
OR
pulsesecurepulse_policy_secureMatch5.4rx
OR
pulsesecurepulse_policy_secureMatch9.0r1
OR
pulsesecurepulse_policy_secureMatch9.0r2
OR
pulsesecurepulse_policy_secureMatch9.0r2.1
OR
pulsesecurepulse_policy_secureMatch9.0r3
OR
pulsesecurepulse_policy_secureMatch9.0r3.1
OR
pulsesecurepulse_policy_secureMatch9.0rx

Related

nvd 1
checkpoint_advisories 1
prion 1
cvelist 1
hackerone 5
nessus 2
myhack58 1
cert 1
nvd
nvd
CVE-2019-11542
2019-04-26 02:29:00
checkpoint_advisories
checkpoint_advisories
Pulse Connect Secure Stack Buffer Overflow (CVE-2019-11542)
2019-09-15 00:00:00
prion
prion
Stack overflow
2019-04-26 02:29:00
cvelist
cvelist
CVE-2019-11542
2019-04-26 01:40:33
hackerone
hackerone
U.S. Dept Of Defense: Arbitrary File Reading leads to RCE in the Pulse Secure SSL VPN on the https://██████ (███)
2019-09-17 07:31:51
U.S. Dept Of Defense: Arbitrary File Reading leads to RCE in the Pulse Secure SSL VPN on the https://███
2019-08-21 13:03:00
Uber: Arbitrary File Reading on Uber SSL VPN
2019-06-17 18:51:03
nessus
nessus
Pulse Policy Secure Multiple Vulnerabilities (SA44101)
2019-05-10 00:00:00
Pulse Connect Secure Multiple Vulnerabilities (SA44101)
2019-05-10 00:00:00
myhack58
myhack58
Pulse Secure SSL VPN vulnerability alerts-a vulnerability alert-the black bar safety net
2019-08-27 00:00:00
cert
cert
Pulse Secure VPN contains multiple vulnerabilities
2019-10-16 00:00:00

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

7.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

8 High

AI Score

Confidence

High

0.184 Low

EPSS

Percentile

96.2%

JSON
Related for CVE-2019-11542
nvd1checkpoint_advisories1prion1cvelist1hackerone5nessus2myhack581cert1