Multiple vulnerabilities in Pulse Connect Secure



Published: 2016-05-26 | Updated: 2020-08-09
Risk High
Patch available NO
Number of vulnerabilities 7
CVE-ID CVE-2016-4792
CVE-2016-4791
CVE-2016-4790
CVE-2016-4789
CVE-2016-4788
CVE-2016-4787
CVE-2016-4786
CWE-ID CWE-20
CWE-79
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
Pulse Connect Secure
Server applications / Remote access servers, VPN

Vendor Pulse Secure

Security Bulletin

This security bulletin contains information about 7 vulnerabilities.

1) Input validation error

EUVDB-ID: #VU40257

Risk: Medium

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2016-4792

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

Pulse Connect Secure (PCS) 8.2 before 8.2r1 allows remote attackers to disclose sign in pages via unspecified vectors.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Pulse Connect Secure: 8.2

External links

http://www.securitytracker.com/id/1035932
http://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40212


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Input validation error

EUVDB-ID: #VU40258

Risk: High

CVSSv3.1: 7.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2016-4791

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to manipulate data.

The administrative user interface in Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r9, and 7.4 before 7.4r13.4 allows remote administrators to enumerate files, read arbitrary files, and conduct server side request forgery (SSRF) attacks via unspecified vectors.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Pulse Connect Secure: 7.4 - 8.2

External links

http://www.securitytracker.com/id/1035932
http://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40210


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Cross-site scripting

EUVDB-ID: #VU40259

Risk: Low

CVSSv3.1: 5.1 [AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N/E:U/RL:U/RC:C]

CVE-ID: CVE-2016-4790

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

Description

Vulnerability allows a remote attacker to perform Cross-site scripting attacks.

An input validation error exists in the administrative user interface in Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r9, and 7.4 before 7.4r13.4. A remote authenticated attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in victim's browser in security context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

Pulse Connect Secure: 7.4 - 8.2

External links

http://www.securitytracker.com/id/1035932
http://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40211


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Cross-site scripting

EUVDB-ID: #VU40260

Risk: Low

CVSSv3.1: 5.6 [AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:U/RC:C]

CVE-ID: CVE-2016-4789

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

Description

Vulnerability allows a remote attacker to perform XSS attacks.

The vulnerability is caused by an input validation error in the system configuration section in the administrative user interface in Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r9, and 7.4 before 7.4r13.4. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in victim's browser in security context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

Pulse Connect Secure: 7.4 - 8.2

External links

http://www.securitytracker.com/id/1035932
http://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40209


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Input validation error

EUVDB-ID: #VU40261

Risk: Medium

CVSSv3.1: 5.1 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2016-4788

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r10, and 7.4 before 7.4r13.4 allow remote attackers to read an unspecified system file via unknown vectors.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Pulse Connect Secure: 7.4 - 8.2

External links

http://www.securitytracker.com/id/1035932
http://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40208


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Input validation error

EUVDB-ID: #VU40262

Risk: High

CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2016-4787

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to #BASIC_IMPACT#.

Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r10, and 7.4 before 7.4r13.4 allow remote attackers to read sensitive system authentication files in an unspecified directory via unknown vectors.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Pulse Connect Secure: 7.4 - 8.2

External links

http://www.securitytracker.com/id/1035932
http://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40207


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Input validation error

EUVDB-ID: #VU40263

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2016-4786

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r3, 8.0 before 8.0r11, and 7.4 before 7.4r13.4 allow remote attackers to cause a denial of service (CPU consumption) via unspecified vectors.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Pulse Connect Secure: 7.4 - 8.2

External links

http://www.securitytracker.com/id/1035932
http://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40206


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###