2020-07-30 15:15:00 2020-07-31 20:21:00

A code injection vulnerability exists in Pulse Connect Secure <9.1RB that allows an attacker to crafted a URI to perform an arbitrary code execution via the admin web interface.

Vector

NETWORK

Complexity

LOW

Authentication

SINGLE

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL
Pulsesecure Pulse policy secure 9.1 R7 * * (not an official CPE) Pulsesecure Pulse policy secure 9.1 R6 * * (not an official CPE) Pulsesecure Pulse policy secure 9.1 R5 * * (not an official CPE) Pulsesecure Pulse policy secure 9.1 R4.2 * * (not an official CPE) Pulsesecure Pulse policy secure 9.1 R4.1 * * (not an official CPE) Pulsesecure Pulse policy secure 9.1 R4 * * (not an official CPE) Pulsesecure Pulse policy secure 9.1 R3.1 * * (not an official CPE) Pulsesecure Pulse policy secure 9.1 R3 * * (not an official CPE) Pulsesecure Pulse policy secure 9.1 R2 * * (not an official CPE) Pulsesecure Pulse policy secure 9.1 R1 * * (not an official CPE) Pulsesecure Pulse policy secure 9.1 - * * (not an official CPE) Pulsesecure Pulse policy secure * * * * (not an official CPE) Pulsesecure Pulse connect secure 9.1 R7 * * (not an official CPE) Pulsesecure Pulse connect secure 9.1 R6 * * (not an official CPE) Pulsesecure Pulse connect secure 9.1 R5 * * (not an official CPE) Pulsesecure Pulse connect secure 9.1 R4.3 * * (not an official CPE) Pulsesecure Pulse connect secure 9.1 R4.2 * * (not an official CPE) Pulsesecure Pulse connect secure 9.1 R4.1 * * (not an official CPE) Pulsesecure Pulse connect secure 9.1 R4 * * (not an official CPE) Pulsesecure Pulse connect secure 9.1 R3 * * (not an official CPE) Pulsesecure Pulse connect secure 9.1 R2 * * (not an official CPE) Pulsesecure Pulse connect secure 9.1 R1 * * (not an official CPE) Pulsesecure Pulse connect secure 9.1 - * * (not an official CPE) Pulsesecure Pulse connect secure * * * * (not an official CPE)