31 matches found
CVE-2019-11539
CVE-2019-11539 is a post-auth command injection vulnerability in Pulse Secure VPN appliances (Pulse Connect Secure and Pulse Policy Secure) that can be exploited by an authenticated attacker via the admin web interface to inject and execute commands. Connected sources confirm the flaw requires ad...
CVE-2020-8218
Pulse Connect Secure
CVE-2019-11477
CVE-2019-11477 (SACK Panic) is a Linux kernel TCP vulnerability where crafted SACK blocks can trigger an integer overflow, potentially causing a kernel crash and DoS. CVE-2019-11478/11479 describe related DoS via SACK handling and low MSS. In practice, Arista discloses affected products (EOS, Clo...
CVE-2019-11478
CVE-2019-11478 describes a DoS in the Linux kernel TCP SACK handling where the TCP retransmission queue can fragment, leading to degraded performance or denial of service when processing crafted SACK sequences. The initial entry notes a fixed commit f070ef2ac66716357066b683fb0baf55f8191a2e and st...
CVE-2020-11580
CVE-2020-11580 affects Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06 where the tncc.jar applet on macOS/Linux/Solaris, under an enforced Host Checker policy, accepts arbitrary SSL certificates. This can enable a man-in-the-middle by bypassing certificate validation in the Host Checke...
CVE-2019-11509
Pulse Connect Secure (PCS) and Pulse Policy Secure (PPS) are affected by CVE-2019-11509, an authentication-enabled, admin-web-interface vulnerability where an attacker can exploit Incorrect Access Control to execute arbitrary code on the appliance. Impact is shown as remote code execution with au...
CVE-2020-12880
CVE-2020-12880 affects Pulse Policy Secure (PPS) and Pulse Connect Secure (PCS) Virtual Appliance prior to 9.1R8. By manipulating a kernel boot parameter, an insider can drop into a root shell in a pre-install phase where the appliance source code is accessible. Root access risk is limited to the...
CVE-2019-11540
CVE-2019-11540 affects Pulse Secure products: Pulse Connect Secure (PCS) and Pulse Policy Secure (PPS). Affected versions include PCS 9.0RX before 9.0R3.4 and 8.3RX before 8.3R7.1; PPS 9.0RX before 9.0R3.2 and 5.4RX before 5.4R7.1. Description: an unauthenticated, remote attacker can perform a se...
CVE-2020-11582
CVE-2020-11582 affects Pulse Secure Pulse Connect Secure (PCS) clients with Host Checker enabled. The tncc.jar applet on macOS, Linux and Solaris launches a local TCP server on a random port, reachable by local HTTP clients, with the server potentially processing commands (e.g., setcookie) releva...
CVE-2018-20810
CVE-2018-20810 affects Pulse Secure Pulse Connect Secure (PCS) and Pulse Policy Secure (PPS): session data exchanged during cluster synchronization between nodes is not properly encrypted in PCS 8.3RX before 8.3R2 and PPS 5.4RX before 5.4R2. The issue does not apply to PCS 8.1RX, PPS 5.2RX, or st...
CVE-2020-8261
CVE-2020-8261: A vulnerability in Pulse Connect Secure / Pulse Policy Secure versions prior to 9.1R9 allows arbitrary cookie injection via the admin/web interfaces. Root cause details are not elaborated in the provided sources, but multiple advisories corroborate the issue. Affected products are ...
CVE-2019-11542
CVE-2019-11542 describes a stack buffer overflow in Pulse Connect Secure / Pulse Policy Secure triggered by an authenticated attacker via the admin web interface by sending a specially crafted message. The issue is one of a family of vulnerabilities disclosed in Pulse Secure advisories (SA44101) ...
CVE-2020-11581
Pulse Connect Secure (PCS) clients with Host Checker policy enabled on macOS, Linux, or Solaris are affected by CVE-2020-11581 due to an applet in tncc.jar that uses Runtime.getRuntime().exec(), enabling a MITM attacker to perform OS command injections via shell metacharacters in doCustomRemediat...
CVE-2017-11455
CVE-2017-11455 affects Pulse Connect Secure diag.cgi and Pulse Policy Secure diag.cgi, enabling remote attackers to hijack administrator authentication for requests to start tcpdump due to missing anti-CSRF tokens. Affected: Pulse Connect Secure versions 8.2R1–8.2R5 and 8.1R1–8.1R10; Pulse Policy...
CVE-2018-20814
The CVE-2018-20814 issue is a cross-site scripting (XSS) vulnerability in Psaldownload.cgi affecting Pulse Connect Secure (PCS) 8.3R2 and earlier and Pulse Policy Secure (PPS) 5.4RX and earlier (not applicable to PCS 8.1RX or PPS 5.2RX). Root cause is insufficient validation of client data in the...
CVE-2020-8262
CVE-2020-8262 affects Pulse Connect Secure and Pulse Policy Secure if running versions earlier than 9.1R9. The vulnerability allows Cross-Site Scripting (XSS) and Open Redirection via the authenticated user web interface. Public references in Red Hat advisory and Nessus entries confirm the issue ...
CVE-2018-20809
CVE-2018-20809 affects Pulse Secure Pulse Connect Secure (PCS) and Pulse Policy Secure. A crafted message can cause the web server to crash on PCS 8.3RX before 8.3R5 and Pulse Policy Secure 5.4RX before 5.4R5; PCS 8.1RX is not affected. Affected versions: PCS 8.3RX–8.3R4 and PPS 5.4RX–5.4R4. The ...
CVE-2020-8238
CVE-2020-8238 affects Pulse Connect Secure and Pulse Policy Secure
CVE-2019-11543
CVE-2019-11543 is an XSS in the admin web console of Pulse Secure Pulse Connect Secure (PCS) and Pulse Policy Secure (PPS). Affected product lines include PCS: 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.1RX before 8.1R15.1; PPS: 9.0RX before 9.0R3.2, 5.4RX before 5.4R7.1, 5.2RX before 5.2R12.1...
CVE-2020-8206
CVE-2020-8206 affects Pulse Connect Secure and Pulse Policy Secure versions prior to 9.1RB, enabling an attacker who has a user’s primary credentials to bypass Google TOTP authentication. Multiple connected sources confirm the same core issue: improper authentication that directly bypasses TOTP. ...
CVE-2020-15352
CVE-2020-15352 is an XXE-based SSRF vulnerability in Pulse Connect Secure (PCS) and Pulse Policy Secure (PPS) prior to 9.1R9. The issue arises from an XML External Entity in crafted XML requests that remote authenticated admins can abuse to reach server-side resources. Public sources in the conne...
CVE-2020-8221
CVE-2020-8221 describes a path traversal weakness in Pulse Connect Secure prior to 9.1R8 that allows an authenticated attacker to read arbitrary files via the administrator web interface. The issue is tied to the Pulse Connect Secure/Policy Secure family (PCS/PPS) with the
CVE-2020-8217
Pulse Connect Secure versions prior to 9.1R8 are affected by a cross-site scripting (XSS) vulnerability in the URL used for Citrix ICA. The root cause is insufficient validation/cleaning of client data in the web application, allowing attacker-controlled input to execute client-side code. Impact ...
CVE-2020-8216
CVE-2020-8216 describes an information-disclosure vulnerability in Pulse Connect Secure (PCS) and Pulse Policy Secure (PPS) prior to version 9.1R8, where an authenticated end-user can reveal meeting details if they know the Meeting ID. Public sources in the provided documents confirm the affected...
CVE-2020-8220
Pulse Connect Secure prior to 9.1R8 is affected by CVE-2020-8220: an authenticated attacker can use the administrator web interface to perform command injection, causing a denial of service. The Red Hat/IVANTI/Nessus entries confirm the issue and point to upgrading to 9.1R8 as the remediation."
CVE-2020-8219
Pulse Connect Secure (PCS) and Pulse Policy Secure versions prior to 9.1R8 are affected by CVE-2020-8219 due to an insufficient permission check that allows an attacker to change the password of a full administrator. Impact is limited to unauthorized password change of admin accounts; no exploit ...
CVE-2018-6320
CVE-2018-6320 affects Pulse Connect Secure (PCS) and Pulse Policy Secure (PPS) where login.cgi improperly validates the http(s) Host header. Affected versions: PCS 8.1RX pre-8.1R12 and 8.3RX pre-8.3R2; PPS 5.2RX pre-5.2R9 and 5.4RX pre-5.4R2. The issue arises from trusting the Host header receive...
CVE-2018-5299
CVE-2018-5299 is a stack-based buffer overflow in the web server of Pulse Secure Pulse Connect Secure (PCS) prior to 8.3R4 and Pulse Policy Secure (PPS) prior to 5.4R4, leading to memory corruption and potential remote code execution. Public sources (NVD/CNVD/PRION/CVE List) confirm a network-vec...
CVE-2020-8222
CVE-2020-8222 describes a path-traversal vulnerability in Pulse Connect Secure versions older than 9.1R8. An authenticated attacker, using the administrator web interface (via Meeting), can read arbitrary files due to the underlying file-reading weakness. Connected sources (Red Hat advisory, Ness...
CVE-2018-14366
CVE-2018-14366 is an Open Redirect vulnerability affecting Pulse Connect Secure and Pulse Policy Secure. The issue resides in download.cgi and can be triggered on Pulse Connect Secure 8.1RX before 8.1R13 and 8.3RX before 8.3R4, and on Pulse Policy Secure through 5.2RX before 5.2R10 and 5.4RX befo...
CVE-2020-8204
CVE-2020-8204 is an XSS vulnerability affecting Pulse Connect Secure (