Lucene search

[email protected]NVD:CVE-2018-20812

HistoryJun 28, 2019 - 6:15 p.m.

CVE-2018-20812

2019-06-2818:15:11

CWE-200

[email protected]

web.nvd.nist.gov

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.002 Low

EPSS

Percentile

51.5%

JSON

An information exposure issue where IPv6 DNS traffic would be sent outside of the VPN tunnel (when Traffic Enforcement was enabled) exists in Pulse Secure Pulse Secure Desktop 9.0R1 and below. This is applicable only to dual-stack (IPv4/IPv6) endpoints.

Affected configurations

NVD

Node

pulsesecurepulse_secure_desktop_clientMatch4.0r1.0mac_os_x

pulsesecurepulse_secure_desktop_clientMatch4.0r10.0mac_os_x

pulsesecurepulse_secure_desktop_clientMatch4.0r11.0mac_os_x

pulsesecurepulse_secure_desktop_clientMatch4.0r11.1mac_os_x

pulsesecurepulse_secure_desktop_clientMatch4.0r12.0mac_os_x

pulsesecurepulse_secure_desktop_clientMatch4.0r13.0mac_os_x

pulsesecurepulse_secure_desktop_clientMatch4.0r2.0mac_os_x

pulsesecurepulse_secure_desktop_clientMatch4.0r3.0mac_os_x

pulsesecurepulse_secure_desktop_clientMatch4.0r4.0mac_os_x

pulsesecurepulse_secure_desktop_clientMatch4.0r5.0mac_os_x

pulsesecurepulse_secure_desktop_clientMatch4.0r6.0mac_os_x

pulsesecurepulse_secure_desktop_clientMatch4.0r7.0mac_os_x

pulsesecurepulse_secure_desktop_clientMatch4.0r8.0mac_os_x

pulsesecurepulse_secure_desktop_clientMatch4.0r9.0mac_os_x

pulsesecurepulse_secure_desktop_clientMatch4.0r9.1mac_os_x

pulsesecurepulse_secure_desktop_clientMatch4.0r9.2mac_os_x

pulsesecurepulse_secure_desktop_clientMatch5.1r1.0macos

pulsesecurepulse_secure_desktop_clientMatch5.1r1.1macos

pulsesecurepulse_secure_desktop_clientMatch5.1r10.0macos

pulsesecurepulse_secure_desktop_clientMatch5.1r11.0macos

pulsesecurepulse_secure_desktop_clientMatch5.1r11.1macos

pulsesecurepulse_secure_desktop_clientMatch5.1r12.0macos

pulsesecurepulse_secure_desktop_clientMatch5.1r13.0macos

pulsesecurepulse_secure_desktop_clientMatch5.1r14.0macos

pulsesecurepulse_secure_desktop_clientMatch5.1r2.0macos

pulsesecurepulse_secure_desktop_clientMatch5.1r3.0macos

pulsesecurepulse_secure_desktop_clientMatch5.1r3.1macos

pulsesecurepulse_secure_desktop_clientMatch5.1r4.0macos

pulsesecurepulse_secure_desktop_clientMatch5.1r5.1macos

pulsesecurepulse_secure_desktop_clientMatch5.1r6.0macos

pulsesecurepulse_secure_desktop_clientMatch5.1r7.0macos

pulsesecurepulse_secure_desktop_clientMatch5.1r8.0macos

pulsesecurepulse_secure_desktop_clientMatch5.1r9.0macos

pulsesecurepulse_secure_desktop_clientMatch5.1r9.1macos

pulsesecurepulse_secure_desktop_clientMatch5.1r3.2macos

pulsesecurepulse_secure_desktop_clientMatch5.1r5.0macos

pulsesecurepulse_secure_desktop_clientMatch5.3r1macos

pulsesecurepulse_secure_desktop_clientMatch5.3r1.1macos

pulsesecurepulse_secure_desktop_clientMatch5.3r2macos

pulsesecurepulse_secure_desktop_clientMatch5.3r3macos

pulsesecurepulse_secure_desktop_clientMatch5.3r4macos

pulsesecurepulse_secure_desktop_clientMatch5.3r4.1macos

pulsesecurepulse_secure_desktop_clientMatch5.3r4.2macos

pulsesecurepulse_secure_desktop_clientMatch5.3r5macos

pulsesecurepulse_secure_desktop_clientMatch5.3r5.2macos

pulsesecurepulse_secure_desktop_clientMatch5.3r6macos

pulsesecurepulse_secure_desktop_clientMatch5.3r7macos

pulsesecurepulse_secure_desktop_clientMatch9.0r1macos

pulsesecurepulse_secure_desktop_clientMatch9.0r2macos

pulsesecurepulse_secure_desktop_clientMatch9.0r2.1macos

pulsesecurepulse_secure_desktop_clientMatch9.0r3macos

pulsesecurepulse_secure_desktop_clientMatch9.0r3.2macos

pulsesecurepulse_secure_desktop_clientMatch9.0r4macos

References

kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43877/

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.002 Low

EPSS

Percentile

51.5%

JSON

Related for NVD:CVE-2018-20812

cvelist1 cve1 prion1