Risk | High |
Patch available | YES |
Number of vulnerabilities | 2 |
CVE-ID | CVE-2018-14366 CVE-2018-6320 |
CWE-ID | CWE-601 CWE-20 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software | Pulse Connect Secure (Server applications / Remote access servers, VPN); Pulse Policy Secure (Server applications / Remote access servers, VPN) |
Vendor | Pulse Secure |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
EUVDB-ID: #VU36717
Risk: Low
CVSSv3.1:
CVE-ID: CVE-2018-14366
CWE-ID:
CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Exploit availability: No
Description
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
download.cgi in Pulse Secure Pulse Connect Secure 8.1RX before 8.1R13 and 8.3RX before 8.3R4 and Pulse Policy Secure through 5.2RX before 5.2R10 and 5.4RX before 5.4R4 has an open redirect vulnerability.
Mitigation
Install the update from the vendor's website.
Vulnerable software versions
Pulse Connect Secure: 8.1 - 8.3rx
Pulse Policy Secure: 5.2R1.0 - 8.3rx
CPE2.3
External links
http://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43877
EUVDB-ID: #VU36720
Risk: High
CVSSv3.1:
CVE-ID: CVE-2018-6320
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
Description
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
A vulnerability has been discovered in login.cgi in Pulse Secure Pulse Connect Secure (PCS) 8.1RX before 8.1R12 and 8.3RX before 8.3R2 and Pulse Policy Secure (PPS) 5.2RX before 5.2R9 and 5.4RX before 5.4R2 wherein an HTTP(S) Host header received from the browser is trusted without validation.
Mitigation
Install the update from the vendor's website.
Vulnerable software versions
Pulse Connect Secure: 8.1 - 8.3rx
Pulse Policy Secure: 5.2R1.0 - 8.3rx
CPE2.3
External links
http://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43877