13 matches found
EUVD-2015-7248
Malware in sbrugna...
EUVD-2015-7247
Malware in sbrugna...
SA45476 - Client Side Desync Attack (Informational)
Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. Portswigger has provided a responsible disclosure of a vulnerability that affects the Pulse Collaboration feature. Their write up can be found here:...
Take action! Multiple Pulse Secure VPN vulnerabilities exploited in the wild
Pulse Secure has alerted customers to the existence of an exploitable chain of attack against its Pulse Connect Secure PCS appliances. PCS provides Virtual Private Network VPN facilities to businesses, which use them to prevent unauthorized access to their networks and services. Cybersecurity...
CVE-2020-8256
A vulnerability in the Pulse Connect Secure 9.1R8.2 admin web interface could allow an authenticated attacker to gain arbitrary file reading access through Pulse Collaboration via XML External Entity XXE vulnerability...
CVE-2020-8256
A vulnerability in the Pulse Connect Secure 9.1R8.2 admin web interface could allow an authenticated attacker to gain arbitrary file reading access through Pulse Collaboration via XML External Entity XXE vulnerability...
Xxe
A vulnerability in the Pulse Connect Secure 9.1R8.2 admin web interface could allow an authenticated attacker to gain arbitrary file reading access through Pulse Collaboration via XML External Entity XXE vulnerability...
CVE-2020-8256
A vulnerability in the Pulse Connect Secure 9.1R8.2 admin web interface could allow an authenticated attacker to gain arbitrary file reading access through Pulse Collaboration via XML External Entity XXE vulnerability...
CVE-2015-7323
The Secure Meeting Pulse Collaboration in Pulse Connect Secure formerly Juniper Junos Pulse before 7.1R22.1, 7.4, 8.0 before 8.0R11, and 8.1 before 8.1R3 allows remote authenticated users to bypass intended access restrictions and log into arbitrary meetings by leveraging a meeting id and...
Design/Logic Flaw
The Secure Meeting Pulse Collaboration in Pulse Connect Secure formerly Juniper Junos Pulse before 7.1R22.1, 7.4, 8.0 before 8.0R11, and 8.1 before 8.1R3 allows remote authenticated users to bypass intended access restrictions and log into arbitrary meetings by leveraging a meeting id and...
CVE-2015-7322
The CVE-2015-7322 issue affects Pulse Connect Secure’s Secure Meeting (Pulse Collaboration). Affected releases expose different join-meeting messages based on meeting status, enabling remote attackers to enumerate valid meeting IDs by issuing a sequence of requests. This is an information-disclos...
Cross site scripting
Cross-site scripting XSS vulnerability in the Pulse Collaboration Secure Meeting user pages in Juniper Junos Pulse Secure Access Service aka SSL VPN with IVE OS before 7.1r18, 7.3 before 7.3r10, 7.4 before 7.4r8, and 8.0 before 8.0r1 allows remote authenticated users to inject arbitrary web scrip...
Juniper Junos Pulse Secure Access Service IVE OS (SSL VPN) XSS (JSA10617)
According to its self-reported version, the version of Juniper Junos Pulse Secure Access Service IVE OS running on the remote host is affected by an unspecified cross-site scripting vulnerability that is present within the Pulse Collaboration Secure Meeting user pages. An attacker could exploit...