CVE-2016-4787

Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r10, and 7.4 before 7.4r13.4 allow remote attackers to read sensitive system authentication files in an unspecified directory via unknown vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
10 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
ivanticonnect_secure
8.0
ivanticonnect_secure
8.2
pulsesecurepulse_connect_secure
7.4
ivanticonnect_secure
8.1
pulsesecurepulse_connect_secure
8.1r1.0:r1.0
𝑥
= Vulnerable software versions
References
http://www.securitytracker.com/id/1035932
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40207
http://www.securitytracker.com/id/1035932
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40207