Connect Secure@8.1 Security Vulnerabilities and Issues — Connect Secure@8.1 CVE List

Lucene search

IvantiConnect Secure8.1

8 matches found

CVE•added 2019/04/26 2:29 a.m.•1119 views

CVE-2019-11539

In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.2RX before 8.2R12.1, and 8.1RX before 8.1R15.1 and Pulse Policy Secure version 9.0RX before 9.0R3.2, 5.4RX before 5.4R7.1, 5.3RX before 5.3R12.1, 5.2RX before 5.2R12.1, and 5.1RX before 5.1R15.1, the admin we...

8CVSS7.9AI score0.93756EPSS

CVE•added 2019/06/03 8:29 p.m.•92 views

CVE-2019-11509

In Pulse Secure Pulse Connect Secure (PCS) before 8.1R15.1, 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4 and Pulse Policy Secure (PPS) before 5.1R15.1, 5.2 before 5.2R12.1, 5.3 before 5.3R15.1, 5.4 before 5.4R7.1, and 9.0 before 9.0R3.2, an authenticated attacker (via the admin w...

8.8CVSS9.2AI score0.07261EPSS

CVE•added 2019/04/26 2:29 a.m.•69 views

CVE-2019-11542

8CVSS8AI score0.38785EPSS

CVE•added 2019/05/08 5:29 p.m.•63 views

CVE-2019-11508

In Pulse Secure Pulse Connect Secure (PCS) before 8.1R15.1, 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an authenticated attacker (via the admin web interface) can exploit Directory Traversal to execute arbitrary code on the appliance.

8.6CVSS8.4AI score0.04517EPSS

CVE•added 2019/04/26 2:29 a.m.•60 views

CVE-2019-11538

In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.2RX before 8.2R12.1, and 8.1RX before 8.1R15.1, an NFS problem could allow an authenticated attacker to access the contents of arbitrary files on the affected device.

7.7CVSS8.3AI score0.03492EPSS

CVE•added 2019/06/28 6:15 p.m.•58 views

CVE-2018-20811

A hidden RPC service issue was found with Pulse Secure Pulse Connect Secure 8.3RX before 8.3R2 and 8.1RX before 8.1R12.

5.3CVSS5.3AI score0.00714EPSS

CVE•added 2019/04/26 2:29 a.m.•50 views

CVE-2019-11543

XSS exists in the admin web console in Pulse Secure Pulse Connect Secure (PCS) 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, and 8.1RX before 8.1R15.1 and Pulse Policy Secure 9.0RX before 9.0R3.2, 5.4RX before 5.4R7.1, and 5.2RX before 5.2R12.1.

8.3CVSS6.5AI score0.00213EPSS

CVE•added 2019/06/28 6:15 p.m.•44 views

CVE-2018-20807

An XSS issue has been found in welcome.cgi in Pulse Secure Pulse Connect Secure (PCS) 8.1.x before 8.1R12, 8.2.x before 8.2R9, and 8.3.x before 8.3R3 due to one of the URL parameters not being sanitized properly.

6.1CVSS5.9AI score0.0012EPSS