4
CVSSv2

CVE-2019-11538

Published: 26/04/2019 Updated: 24/08/2020
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
CVSS v3 Base Score: 7.7 | Impact Score: 4 | Exploitability Score: 3.1
VMScore: 356
Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N

Vulnerability Summary

In Pulse Secure Pulse Connect Secure version 9.0RX prior to 9.0R3.4, 8.3RX prior to 8.3R7.1, 8.2RX prior to 8.2R12.1, and 8.1RX prior to 8.1R15.1, an NFS problem could allow an authenticated malicious user to access the contents of arbitrary files on the affected device.

Vulnerability Trend

Github Repositories

Pulse-Secure-SSL-VPN-CVE-2019 漏洞编号: CVE-2019-11510——任意文件读取(无需授权) CVE-2019-11542——堆栈缓冲区溢出(管理员权限) CVE-2019-11539——命令注入(管理员权限) CVE-2019-11538——通过NFS读取任意文件(用户权限) CVE-2019-11508——通过NFS写入任意文件(用