CVE-2017-14935

EUVD-2017-6412
Pulse Secure Pulse One On-Premise 2.0.1649 and below does not properly validate requests, which allows remote users to query and obtain sensitive information.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 51%
Affected Products (NVD)
VendorProductVersion
pulsesecurepulse_one_on-premise
2.0.1649
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40971
http://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40971