CVE-2019-11538 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	7.7 HIGH	NETWORK	LOW	LOW	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
mitre	CNA	7.7 HIGH	NETWORK	LOW	LOW	CVSS:3.0/AC:L/AV:N/A:N/C:H/I:N/PR:L/S:C/UI:N

Base Score

CVSS 3.x

EPSS Score

Percentile: 88%

Affected Products (NVD)

Vendor	Product	Version
ivanti	connect_secure	8.1:r1.0
ivanti	connect_secure	8.1:r1.1
ivanti	connect_secure	8.1:r10.0
ivanti	connect_secure	8.1:r11.0
ivanti	connect_secure	8.1:r11.1
ivanti	connect_secure	8.1:r12.0
ivanti	connect_secure	8.1:r12.1
ivanti	connect_secure	8.1:r13.0
ivanti	connect_secure	8.1:r14.0
ivanti	connect_secure	8.1:r2.0
ivanti	connect_secure	8.1:r2.1
ivanti	connect_secure	8.1:r3.0
ivanti	connect_secure	8.1:r3.1
ivanti	connect_secure	8.1:r3.2
ivanti	connect_secure	8.1:r4.0
ivanti	connect_secure	8.1:r4.1
ivanti	connect_secure	8.1:r5.0
ivanti	connect_secure	8.1:r6.0
ivanti	connect_secure	8.1:r7.0
ivanti	connect_secure	8.1:r8.0
ivanti	connect_secure	8.1:r9.0
ivanti	connect_secure	8.1:r9.1
ivanti	connect_secure	8.1:r9.2
ivanti	connect_secure	8.2:r1.0
ivanti	connect_secure	8.2:r1.1
ivanti	connect_secure	8.2:r10.0
ivanti	connect_secure	8.2:r11.0
ivanti	connect_secure	8.2:r12.0
ivanti	connect_secure	8.2:r2.0
ivanti	connect_secure	8.2:r3.0
ivanti	connect_secure	8.2:r3.1
ivanti	connect_secure	8.2:r4.0
ivanti	connect_secure	8.2:r4.1
ivanti	connect_secure	8.2:r5.0
ivanti	connect_secure	8.2:r5.1
ivanti	connect_secure	8.2:r6.0
ivanti	connect_secure	8.2:r7.0
ivanti	connect_secure	8.2:r7.1
ivanti	connect_secure	8.2:r7.2
ivanti	connect_secure	8.2:r8.0
ivanti	connect_secure	8.2:r8.1
ivanti	connect_secure	8.2:r8.2
ivanti	connect_secure	8.2:r9.0
ivanti	connect_secure	8.3:r1
ivanti	connect_secure	8.3:r2
ivanti	connect_secure	8.3:r2.1
ivanti	connect_secure	8.3:r3
ivanti	connect_secure	8.3:r4
ivanti	connect_secure	8.3:r5
ivanti	connect_secure	8.3:r5.1
ivanti	connect_secure	8.3:r5.2
ivanti	connect_secure	8.3:r6
ivanti	connect_secure	8.3:r6.1
ivanti	connect_secure	9.0:r1
ivanti	connect_secure	9.0:r2
ivanti	connect_secure	9.0:r2.1
ivanti	connect_secure	9.0:r3
ivanti	connect_secure	9.0:r3.1
ivanti	connect_secure	9.0:r3.2

𝑥

= Vulnerable software versions

Known Exploits!

Common Weakness Enumeration

CWE-59 - Improper Link Resolution Before File Access ('Link Following')
The software attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

References

http://www.securityfocus.com/bid/108073

https://devco.re/blog/2019/09/02/attacking-ssl-vpn-part-3-the-golden-Pulse-Secure-ssl-vpn-rce-chain-with-Twitter-as-case-study/

https://i.blackhat.com/USA-19/Wednesday/us-19-Tsai-Infiltrating-Corporate-Intranet-Like-NSA.pdf

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0010

https://www.kb.cert.org/vuls/id/927237

http://www.securityfocus.com/bid/108073

https://devco.re/blog/2019/09/02/attacking-ssl-vpn-part-3-the-golden-Pulse-Secure-ssl-vpn-rce-chain-with-Twitter-as-case-study/

https://i.blackhat.com/USA-19/Wednesday/us-19-Tsai-Infiltrating-Corporate-Intranet-Like-NSA.pdf

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0010

https://www.kb.cert.org/vuls/id/927237