Pulse Connect Secure Security Vulnerabilities and Issues — Pulse Connect Secure CVE List

Lucene search

PulsesecurePulse Connect Secure

12 matches found

CVE•added 2021/08/16 7:15 p.m.•75 views

CVE-2021-22933

A vulnerability in Pulse Connect Secure before 9.1R12 could allow an authenticated administrator to perform an arbitrary file delete via a maliciously crafted web request.

6.5CVSS6.4AI score0.06308EPSS

CVE•added 2021/08/16 7:15 p.m.•65 views

CVE-2021-22936

A vulnerability in Pulse Connect Secure before 9.1R12 could allow a threat actor to perform a cross-site script attack against an authenticated administrator via an unsanitized web parameter.

6.1CVSS6.1AI score0.00252EPSS

CVE•added 2020/09/30 6:15 p.m.•55 views

CVE-2020-8238

A vulnerability in the authenticated user web interface of Pulse Connect Secure and Pulse Policy Secure

6.1CVSS5.8AI score0.00172EPSS

CVE•added 2020/10/28 1:15 p.m.•53 views

CVE-2020-8262

A vulnerability in the Pulse Connect Secure / Pulse Policy Secure below 9.1R9 could allow attackers to conduct Cross-Site Scripting (XSS) and Open Redirection for authenticated user web interface.

6.1CVSS5.8AI score0.00144EPSS

CVE•added 2020/07/30 1:15 p.m.•45 views

CVE-2020-8220

A denial of service vulnerability exists in Pulse Connect Secure

6.5CVSS6.5AI score0.06668EPSS

CVE•added 2017/07/12 8:29 p.m.•44 views

CVE-2017-11195

Pulse Connect Secure 8.3R1 has Reflected XSS in launchHelp.cgi. The helpLaunchPage parameter is reflected in an IFRAME element, if the value contains two quotes. It properly sanitizes quotes and tags, so one cannot simply close the src with a quote and inject after that. However, an attacker can us...

6.1CVSS5.9AI score0.00388EPSS

CVE•added 2017/07/12 8:29 p.m.•42 views

CVE-2017-11194

Pulse Connect Secure 8.3R1 has Reflected XSS in adminservercacertdetails.cgi. In the admin panel, the certid parameter of adminservercacertdetails.cgi is reflected in the application's response and is not properly sanitized, allowing an attacker to inject tags. An attacker could come up with clever...

6.1CVSS6AI score0.0024EPSS

CVE•added 2020/07/30 1:15 p.m.•39 views

CVE-2020-8204

A cross site scripting (XSS) vulnerability exists in Pulse Connect Secure

6.1CVSS5.9AI score0.00169EPSS

CVE•added 2020/07/30 1:15 p.m.•39 views

CVE-2020-8222

A path traversal vulnerability exists in Pulse Connect Secure

6.8CVSS6.4AI score0.0086EPSS

CVE•added 2018/09/06 11:29 p.m.•38 views

CVE-2018-14366

download.cgi in Pulse Secure Pulse Connect Secure 8.1RX before 8.1R13 and 8.3RX before 8.3R4 and Pulse Policy Secure through 5.2RX before 5.2R10 and 5.4RX before 5.4R4 have an Open Redirect Vulnerability.

6.1CVSS6.2AI score0.001EPSS

CVE•added 2016/04/12 2:0 a.m.•33 views

CVE-2016-3985

The Terminal Services Remote Desktop Protocol (RDP) client session restrictions feature in Pulse Connect Secure (aka PCS) 8.1R7 and 8.2R1 allow remote authenticated users to bypass intended access restrictions via unspecified vectors.

6.5CVSS6.1AI score0.00165EPSS

CVE•added 2016/05/26 2:59 p.m.•33 views

CVE-2016-4789

Cross-site scripting (XSS) vulnerability in the system configuration section in the administrative user interface in Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r9, and 7.4 before 7.4r13.4 allows remote attackers to inject arbitrary web script or HTML via unspecifie...

6.1CVSS5.9AI score0.00093EPSS