Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

pulsesecure pulse connect secure 9.0rx vulnerabilities and exploits

(subscribe to this query)
9
CVSSv2
CVE-2021-22908
A buffer overflow vulnerability exists in Windows File Resource Profiles in 9.X allows a remote authenticated user with privileges to browse SMB shares to execute arbitrary code as the root user. As of version 9.1R3, this permission is not enabled by default.
Pulsesecure Pulse Connect Secure 9.0rxIvanti Connect Secure 9.1Ivanti Connect Secure 9.0
7.5
CVSSv2
CVE-2019-11540
In Pulse Secure Pulse Connect Secure version 9.0RX prior to 9.0R3.4 and 8.3RX prior to 8.3R7.1 and Pulse Policy Secure version 9.0RX prior to 9.0R3.2 and 5.4RX prior to 5.4R7.1, an unauthenticated, remote attacker can conduct a session hijacking attack.
Pulsesecure Pulse Policy Secure 5.4r1Pulsesecure Pulse Policy Secure 5.4r2Pulsesecure Pulse Policy Secure 5.4r2.1Pulsesecure Pulse Policy Secure 5.4r3Pulsesecure Pulse Policy Secure 5.4rxPulsesecure Pulse Connect Secure 8.3rxPulsesecure Pulse Policy Secure 5.4r4Pulsesecure Pulse Policy Secure 5.4r5Pulsesecure Pulse Policy Secure 5.4r5.2Pulsesecure Pulse Policy Secure 5.4r6Pulsesecure Pulse Policy Secure 5.4r6.1Pulsesecure Pulse Policy Secure 5.4r7Pulsesecure Pulse Policy Secure 9.0r1Pulsesecure Pulse Policy Secure 9.0r2Pulsesecure Pulse Policy Secure 9.0r2.1Pulsesecure Pulse Policy Secure 9.0r3Pulsesecure Pulse Policy Secure 9.0r3.1Pulsesecure Pulse Policy Secure 9.0rxPulsesecure Pulse Connect Secure 9.0r1Pulsesecure Pulse Connect Secure 9.0r2Pulsesecure Pulse Connect Secure 9.0r2.1Pulsesecure Pulse Connect Secure 9.0r3
6.5
CVSSv2
CVE-2021-22899
A command injection vulnerability exists in Pulse Connect Secure prior to 9.1R11.4 allows a remote authenticated malicious user to perform remote code execution via Windows Resource Profiles Feature
Pulsesecure Pulse Connect Secure 9.0rxPulsesecure Pulse Connect SecureIvanti Connect Secure 9.1Ivanti Connect Secure 9.0
6.5
CVSSv2
CVE-2019-11509
In Pulse Secure Pulse Connect Secure (PCS) prior to 8.1R15.1, 8.2 prior to 8.2R12.1, 8.3 prior to 8.3R7.1, and 9.0 prior to 9.0R3.4 and Pulse Policy Secure (PPS) prior to 5.1R15.1, 5.2 prior to 5.2R12.1, 5.3 prior to 5.3R15.1, 5.4 prior to 5.4R7.1, and 9.0 prior to 9.0R3.2, an au...
Ivanti Connect Secure 9.0Ivanti Connect Secure 8.1Ivanti Connect Secure 8.2Ivanti Connect Secure 8.3Pulsesecure Pulse Policy Secure 5.2Pulsesecure Pulse Policy Secure 5.4Ivanti Policy Secure 9.0
6.5
CVSSv2
CVE-2019-11508
In Pulse Secure Pulse Connect Secure (PCS) prior to 8.1R15.1, 8.2 prior to 8.2R12.1, 8.3 prior to 8.3R7.1, and 9.0 prior to 9.0R3.4, an authenticated attacker (via the admin web interface) can exploit Directory Traversal to execute arbitrary code on the appliance.
Pulsesecure Pulse Connect Secure 7.4Ivanti Connect Secure 9.0Ivanti Connect Secure 8.1Ivanti Connect Secure 8.2Ivanti Connect Secure 8.3Ivanti Connect Secure 7.1Ivanti Connect Secure 7.4
6.5
CVSSv2
CVE-2019-11539
In Pulse Secure Pulse Connect Secure version 9.0RX prior to 9.0R3.4, 8.3RX prior to 8.3R7.1, 8.2RX prior to 8.2R12.1, and 8.1RX prior to 8.1R15.1 and Pulse Policy Secure version 9.0RX prior to 9.0R3.2, 5.4RX prior to 5.4R7.1, 5.3RX prior to 5.3R12.1, 5.2RX prior to 5.2R12.1, and ...
Pulsesecure Pulse Connect Secure 8.2r1.1Pulsesecure Pulse Policy Secure 5.1r5.0Pulsesecure Pulse Policy Secure 5.1r1.1Pulsesecure Pulse Policy Secure 5.1r2.0Pulsesecure Pulse Policy Secure 5.2r7.0Pulsesecure Pulse Policy Secure 5.3r7.0Pulsesecure Pulse Policy Secure 5.3r4.1Pulsesecure Pulse Policy Secure 5.3r2.0Pulsesecure Pulse Policy Secure 5.3r3.0Pulsesecure Pulse Policy Secure 5.3r1.0Pulsesecure Pulse Policy Secure 5.1r2.1Pulsesecure Pulse Policy Secure 5.1r1.0Pulsesecure Pulse Connect Secure 8.2r2.0Pulsesecure Pulse Connect Secure 8.1r1.0Pulsesecure Pulse Connect Secure 8.2r4.0Pulsesecure Pulse Policy Secure 5.2r2.0Pulsesecure Pulse Policy Secure 5.1r7.0Pulsesecure Pulse Policy Secure 5.3r5.1Pulsesecure Pulse Policy Secure 5.3r4.0Pulsesecure Pulse Policy Secure 5.1r3.2Pulsesecure Pulse Policy Secure 5.2r7.1Pulsesecure Pulse Policy Secure 5.1r3.0
6.5
CVSSv2
CVE-2019-11542
In Pulse Secure Pulse Connect Secure version 9.0RX prior to 9.0R3.4, 8.3RX prior to 8.3R7.1, 8.2RX prior to 8.2R12.1, and 8.1RX prior to 8.1R15.1 and Pulse Policy Secure version 9.0RX prior to 9.0R3.2, 5.4RX prior to 5.4R7.1, 5.3RX prior to 5.3R12.1, 5.2RX prior to 5.2R12.1, and ...
Pulsesecure Pulse Connect Secure 8.2r1.1Pulsesecure Pulse Policy Secure 5.1r5.0Pulsesecure Pulse Policy Secure 5.1r1.1Pulsesecure Pulse Policy Secure 5.1r2.0Pulsesecure Pulse Policy Secure 5.2r7.0Pulsesecure Pulse Policy Secure 5.3r7.0Pulsesecure Pulse Policy Secure 5.3r4.1Pulsesecure Pulse Policy Secure 5.3r2.0Pulsesecure Pulse Policy Secure 5.3r3.0Pulsesecure Pulse Policy Secure 5.3r1.0Pulsesecure Pulse Policy Secure 5.1r2.1Pulsesecure Pulse Policy Secure 5.1r1.0Pulsesecure Pulse Connect Secure 8.2r2.0Pulsesecure Pulse Connect Secure 8.1r1.0Pulsesecure Pulse Connect Secure 8.2r4.0Pulsesecure Pulse Policy Secure 5.2r2.0Pulsesecure Pulse Policy Secure 5.1r7.0Pulsesecure Pulse Policy Secure 5.3r5.1Pulsesecure Pulse Policy Secure 5.3r4.0Pulsesecure Pulse Policy Secure 5.1r3.2Pulsesecure Pulse Policy Secure 5.2r7.1Pulsesecure Pulse Policy Secure 5.1r3.0
5
CVSSv2
CVE-2019-11541
In Pulse Secure Pulse Connect Secure version 9.0RX prior to 9.0R3.4, 8.3RX prior to 8.3R7.1, and 8.2RX prior to 8.2R12.1, users using SAML authentication with the Reuse Existing NC (Pulse) Session option may see authentication leaks.
Pulsesecure Pulse Connect Secure 8.2r1.1Pulsesecure Pulse Connect Secure 8.2r2.0Pulsesecure Pulse Connect Secure 8.2r4.0Pulsesecure Pulse Connect Secure 8.2r5.0Pulsesecure Pulse Connect Secure 8.2r1.0Pulsesecure Pulse Connect Secure 8.2r4.1Pulsesecure Pulse Connect Secure 8.2r3.1Pulsesecure Pulse Connect Secure 8.2r3.0Pulsesecure Pulse Connect Secure 8.3rxPulsesecure Pulse Connect Secure 9.0r1Pulsesecure Pulse Connect Secure 9.0r2Pulsesecure Pulse Connect Secure 9.0r2.1Pulsesecure Pulse Connect Secure 9.0r3Pulsesecure Pulse Connect Secure 9.0r3.1Pulsesecure Pulse Connect Secure 9.0r3.2Pulsesecure Pulse Connect Secure 9.0rxPulsesecure Pulse Connect Secure 8.2r5.1Pulsesecure Pulse Connect Secure 8.2r6.0Pulsesecure Pulse Connect Secure 8.2r7.0Pulsesecure Pulse Connect Secure 8.2r7.1Pulsesecure Pulse Connect Secure 8.2rxIvanti Connect Secure 8.2
4.3
CVSSv2
CVE-2019-11543
XSS exists in the admin web console in Pulse Secure Pulse Connect Secure (PCS) 9.0RX prior to 9.0R3.4, 8.3RX prior to 8.3R7.1, and 8.1RX prior to 8.1R15.1 and Pulse Policy Secure 9.0RX prior to 9.0R3.2, 5.4RX prior to 5.4R7.1, and 5.2RX prior to 5.2R12.1.
Pulsesecure Pulse Policy Secure 5.2r7.0Pulsesecure Pulse Connect Secure 8.1r1.0Pulsesecure Pulse Policy Secure 5.2r2.0Pulsesecure Pulse Policy Secure 5.2r7.1Pulsesecure Pulse Policy Secure 5.2r4.0Pulsesecure Pulse Policy Secure 5.2r3.2Pulsesecure Pulse Policy Secure 5.2r1.0Pulsesecure Pulse Policy Secure 5.2r5.0Pulsesecure Pulse Policy Secure 5.2r6.0Pulsesecure Pulse Policy Secure 5.2r8.0Pulsesecure Pulse Policy Secure 5.2r3.0Pulsesecure Pulse Policy Secure 5.4r1Pulsesecure Pulse Policy Secure 5.4r2Pulsesecure Pulse Policy Secure 5.4r2.1Pulsesecure Pulse Policy Secure 5.4r3Pulsesecure Pulse Policy Secure 5.4rxPulsesecure Pulse Policy Secure 5.2r9.0Pulsesecure Pulse Policy Secure 5.2r9.1Pulsesecure Pulse Policy Secure 5.2rxPulsesecure Pulse Connect Secure 8.3rxPulsesecure Pulse Connect Secure 8.1rxPulsesecure Pulse Policy Secure 5.2r10.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111CVE-2024-32884IDORCVE-2023-1000CVE-2024-33260CVE-2024-3682reflected XSSrace conditionCVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook