Improper access control in Pulse Connect Secure
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2016-3985 |
| CWE-ID | CWE-284 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Ivanti Connect Secure (formerly Pulse Connect Secure) Server applications / Remote access servers, VPN |
| Vendor | Ivanti |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
1) Improper access control
EUVDB-ID: #VU40393
Risk: Medium
CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2016-3985
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to manipulate data.
The Terminal Services Remote Desktop Protocol (RDP) client session restrictions feature in Pulse Connect Secure (aka PCS) 8.1R7 and 8.2R1 allow remote authenticated users to bypass intended access restrictions via unspecified vectors.
MitigationInstall update from vendor's website.
Vulnerable software versionsIvanti Connect Secure (formerly Pulse Connect Secure): 8.1r7 - 8.2R1
CPE2.3- cpe:2.3:a:ivanti:pulse_connect_secure:8.1r7:*:*:*:*:*:*:*
- cpe:2.3:a:ivanti:pulse_connect_secure:8.2R1:*:*:*:*:*:*:*
https://www.securitytracker.com/id/1035129
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40166
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
