6.5
CVSSv2

CVE-2019-11508

Published: 08/05/2019 Updated: 09/08/2019
CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8
CVSS v3 Base Score: 7.2 | Impact Score: 5.9 | Exploitability Score: 1.2
VMScore: 578
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Vulnerability Summary

In Pulse Secure Pulse Connect Secure (PCS) prior to 8.1R15.1, 8.2 prior to 8.2R12.1, 8.3 prior to 8.3R7.1, and 9.0 prior to 9.0R3.4, an authenticated attacker (via the admin web interface) can exploit Directory Traversal to execute arbitrary code on the appliance.

Vulnerability Trend

Affected Products

Vendor Product Versions
PulsesecurePulse Connect Secure7.1, 7.4, 8.1, 8.2, 8.3, 9.0

Github Repositories