Lucene search
K

4 matches found

Prion
Prion
added 2019/04/12 3:29 p.m.29 views

Sql injection

In Pulse Secure Pulse Desktop Client and Network Connect, an attacker could access session tokens to replay and spoof sessions, and as a result, gain unauthorized access as an end user, a related issue to CVE-2019-1573. The endpoint would need to be already compromised for exploitation to succeed...

6.8CVSS4.2AI score0.02822EPSS
Exploits0References3Affected Software3
CVE
CVE
added 2019/04/12 2:27 p.m.105 views

CVE-2019-11213

CVE-2019-11213 affects Pulse Secure Pulse Desktop Client and Pulse Connect Secure (Network Connect). The issue is improper handling/storage of session cookies/tokens, enabling an attacker who already compromised the endpoint to replay/spoof sessions and gain unauthorized end-user access. Affected...

8.1CVSS4.1AI score0.02822EPSS
Exploits0References3Affected Software3
CVE
CVE
added 2019/04/09 9:4 p.m.132 views

CVE-2019-1573

CVE-2019-1573 affects Palo Alto Networks GlobalProtect Agent 4.1.0 for Windows and 4.1.10 and earlier for macOS. A local, authenticated attacker who has compromised the end-user account and can inspect memory could access authentication/session tokens and replay them to spoof the VPN session and ...

2.5CVSS3.9AI score0.00275EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2019/04/09 9:4 p.m.41 views

CVE-2019-1573 Information Disclosure in GlobalProtect Agent

GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 and earlier for macOS may allow a local authenticated attacker who has compromised the end-user account and gained the ability to inspect memory, to access authentication and/or session tokens and replay them to spoof the VPN...

2.5CVSS4AI score0.00275EPSS
Exploits0References5
Rows per page
Query Builder