XXE vulnerability in Pulse Connect Secure (PCS) before 9.1R9 and Pulse Policy Secure (PPS) before 9.1R9 allows remote authenticated admins to conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request.
Reporter | Title | Published | Views | Family All 7 |
---|---|---|---|---|
![]() | Server side request forgery (ssrf) | 27 Oct 202005:15 | – | prion |
![]() | CVE-2020-15352 | 27 Oct 202004:10 | – | cvelist |
![]() | CVE-2020-15352 | 27 Oct 202005:15 | – | nvd |
![]() | CVE-2020-15352 | 22 May 202516:23 | – | redhatcve |
![]() | Pulse Policy Secure < 9.1R9 (SA44601) | 30 Oct 202000:00 | – | nessus |
![]() | Pulse Connect Secure < 9.1R9 (SA44601) | 30 Oct 202000:00 | – | nessus |
![]() | SA44601 - 2020-10: Security Bulletin: Multiple Vulnerabilities Resolved in Pulse Connect Secure / Pulse Policy Secure / Pulse Secure Desktop Client 9.1R9 | 14 Feb 202307:22 | – | ivanti |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo