Multiple vulnerabilities in Pulse Connect Secure



Published: 2019-06-28 | Updated: 2020-08-08
Risk High
Patch available YES
Number of vulnerabilities 4
CVE-ID CVE-2018-20807
CVE-2018-20808
CVE-2018-20811
CVE-2018-20813
CWE-ID CWE-79
CWE-200
CWE-20
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
Pulse Connect Secure
Server applications / Remote access servers, VPN

Vendor Pulse Secure

Security Bulletin

This security bulletin contains information about 4 vulnerabilities.

1) Cross-site scripting

EUVDB-ID: #VU35772

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2018-20807

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

An XSS issue has been found in welcome.cgi in Pulse Secure Pulse Connect Secure (PCS) 8.1.x before 8.1R12, 8.2.x before 8.2R9, and 8.3.x before 8.3R3 due to one of the URL parameters not being sanitized properly.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Pulse Connect Secure: 8.1 - 8.3


CPE2.3 External links

http://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43730/

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

2) Cross-site scripting

EUVDB-ID: #VU35773

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2018-20808

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

An XSS issue has been found with rd.cgi in Pulse Secure Pulse Connect Secure 8.3RX before 8.3R3 due to improper header sanitization. This is not applicable to 8.1RX.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Pulse Connect Secure: 8.3


CPE2.3 External links

http://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43877/

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

3) Information disclosure

EUVDB-ID: #VU35777

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2018-20811

CWE-ID: CWE-200 - Information Exposure

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

A hidden RPC service issue was found with Pulse Secure Pulse Connect Secure 8.3RX before 8.3R2 and 8.1RX before 8.1R12.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Pulse Connect Secure: 8.1 - 8.3


CPE2.3 External links

http://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43877/

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

4) Input validation error

EUVDB-ID: #VU35778

Risk: High

CVSSv3.1:

CVE-ID: CVE-2018-20813

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

An input validation issue has been found with login_meeting.cgi in Pulse Secure Pulse Connect Secure 8.3RX before 8.3R2.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Pulse Connect Secure: 8.3


CPE2.3 External links

http://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43877/

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###