CVE-2019-11540

In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4 and 8.3RX before 8.3R7.1 and Pulse Policy Secure version 9.0RX before 9.0R3.2 and 5.4RX before 5.4R7.1, an unauthenticated, remote attacker can conduct a session hijacking attack.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mitreCNA
8.3 HIGH
NETWORK
HIGH
NONE
CVSS:3.0/AC:H/AV:N/A:H/C:H/I:H/PR:N/S:C/UI:R
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 95%
VendorProductVersion
ivanticonnect_secure
8.3
pulsesecurepulse_connect_secure
8.3rx:rx
pulsesecurepulse_connect_secure
9.0r1:r1
pulsesecurepulse_connect_secure
9.0r2:r2
pulsesecurepulse_connect_secure
9.0r2.1:r2.1
pulsesecurepulse_connect_secure
9.0r3:r3
pulsesecurepulse_connect_secure
9.0r3.1:r3.1
pulsesecurepulse_connect_secure
9.0r3.2:r3.2
pulsesecurepulse_connect_secure
9.0rx:rx
pulsesecurepulse_policy_secure
5.4r1:r1
pulsesecurepulse_policy_secure
5.4r2:r2
pulsesecurepulse_policy_secure
5.4r2.1:r2.1
pulsesecurepulse_policy_secure
5.4r3:r3
pulsesecurepulse_policy_secure
5.4r4:r4
pulsesecurepulse_policy_secure
5.4r5:r5
pulsesecurepulse_policy_secure
5.4r5.2:r5.2
pulsesecurepulse_policy_secure
5.4r6:r6
pulsesecurepulse_policy_secure
5.4r6.1:r6.1
pulsesecurepulse_policy_secure
5.4r7:r7
pulsesecurepulse_policy_secure
5.4rx:rx
pulsesecurepulse_policy_secure
9.0r1:r1
pulsesecurepulse_policy_secure
9.0r2:r2
pulsesecurepulse_policy_secure
9.0r2.1:r2.1
pulsesecurepulse_policy_secure
9.0r3:r3
pulsesecurepulse_policy_secure
9.0r3.1:r3.1
pulsesecurepulse_policy_secure
9.0rx:rx
𝑥
= Vulnerable software versions
References
http://www.securityfocus.com/bid/108073
https://devco.re/blog/2019/09/02/attacking-ssl-vpn-part-3-the-golden-Pulse-Secure-ssl-vpn-rce-chain-with-Twitter-as-case-study/
https://i.blackhat.com/USA-19/Wednesday/us-19-Tsai-Infiltrating-Corporate-Intranet-Like-NSA.pdf
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0010
https://www.kb.cert.org/vuls/id/927237
http://www.securityfocus.com/bid/108073
https://devco.re/blog/2019/09/02/attacking-ssl-vpn-part-3-the-golden-Pulse-Secure-ssl-vpn-rce-chain-with-Twitter-as-case-study/
https://i.blackhat.com/USA-19/Wednesday/us-19-Tsai-Infiltrating-Corporate-Intranet-Like-NSA.pdf
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0010
https://www.kb.cert.org/vuls/id/927237