CVE-2019-11508
https://notcve.org/view.php?id=CVE-2019-11508
In Pulse Secure Pulse Connect Secure (PCS) before 8.1R15.1, 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an authenticated attacker (via the admin web interface) can exploit Directory Traversal to execute arbitrary code on the appliance. En Pulse Secure Pulse Connect Connect (PCS) versión anterior a 8.1R15.1, versión 8.2 anterior a 8.2 R12.1, versión 8.3 anterior a 8.3R7.1 y versión 9.0 anteior a 9.0R3.4, un atacante identificado (por medio de la interfaz web de administrador) puede operar un salto de directorio para ejecutar código arbitrario en el dispositivo. • http://www.securityfocus.com/bid/108073 https://devco.re/blog/2019/09/02/attacking-ssl-vpn-part-3-the-golden-Pulse-Secure-ssl-vpn-rce-chain-with-Twitter-as-case-study https://i.blackhat.com/USA-19/Wednesday/us-19-Tsai-Infiltrating-Corporate-Intranet-Like-NSA.pdf https://kb.pulsesecure.net/?atype=sa https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101 https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0010 https://www.kb.cert.org/vuls/id/927237 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2019-11543
https://notcve.org/view.php?id=CVE-2019-11543
XSS exists in the admin web console in Pulse Secure Pulse Connect Secure (PCS) 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, and 8.1RX before 8.1R15.1 and Pulse Policy Secure 9.0RX before 9.0R3.2, 5.4RX before 5.4R7.1, and 5.2RX before 5.2R12.1. Existe una vulnerabilidad Cross-site scripting (XSS), en la consola web de administración de Pulse Secure Pulse Connect Secure (PCS) versiones 9.0RX anteriores a 9.0R3.4, versiones 8.3RX anteriores a 8.3R7.1, y versiones 8.1RX anteriores a 8.1R15.1; Pulse Policy Secure versiones 9.0RX anteriores a 9.0R3.2, versiones 5.4RX anteriores a 5.4R7.1, y versiones 5.2RX anteriores a 5.2R12.1 • http://www.securityfocus.com/bid/108073 https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101 https://www.kb.cert.org/vuls/id/927237 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2019-11542
https://notcve.org/view.php?id=CVE-2019-11542
In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.2RX before 8.2R12.1, and 8.1RX before 8.1R15.1 and Pulse Policy Secure version 9.0RX before 9.0R3.2, 5.4RX before 5.4R7.1, 5.3RX before 5.3R12.1, 5.2RX before 5.2R12.1, and 5.1RX before 5.1R15.1, an authenticated attacker (via the admin web interface) can send a specially crafted message resulting in a stack buffer overflow. En Pulse Secure Pulse Connect Secure versiones 9.0RX anteriores a 9.0R3.4, versiones 8.3RX anteriores a 8.3R7.1, versiones 8.2RX anteriores a 8.2R12.1, y versiones 8.1RX anteriores a 8.1R15.1; Pulse Policy Secure versiones 9.0RX anteriores a 9.0R3.2, versiones 5.4RX anteriores a 5.4R7.1, versiones 5.3RX anteriores a 5.3R12.1, versiones 5.2RX anteriores a 5.2R12.1, y versiones 5.1RX anteriores a 5.1R15.1, un atacante autenticado (a través de la interfaz web de administración) puede enviar un mensaje especialmente diseñado que resulte en un desbordamiento de búfer basado en pila . • http://www.securityfocus.com/bid/108073 https://devco.re/blog/2019/09/02/attacking-ssl-vpn-part-3-the-golden-Pulse-Secure-ssl-vpn-rce-chain-with-Twitter-as-case-study https://i.blackhat.com/USA-19/Wednesday/us-19-Tsai-Infiltrating-Corporate-Intranet-Like-NSA.pdf https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101 https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0010 https://www.kb.cert.org/vuls/id/927237 • CWE-787: Out-of-bounds Write •
CVE-2019-11541
https://notcve.org/view.php?id=CVE-2019-11541
In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, and 8.2RX before 8.2R12.1, users using SAML authentication with the Reuse Existing NC (Pulse) Session option may see authentication leaks. En Pulse Secure Pulse Connect Secure versiones 9.0RX anteriores a 9.0R3.4, versiones 8.3RX anteriores a 8.3R7.1 y versiones 8.2RX anteriores a 8.2R12.1, los usuarios que utilizan la autenticación SAML con la opción Reuse Existing NC (Pulse), pueden tener fugas de autenticación. • http://www.securityfocus.com/bid/108073 https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101 https://www.kb.cert.org/vuls/id/927237 •
CVE-2019-11540
https://notcve.org/view.php?id=CVE-2019-11540
In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4 and 8.3RX before 8.3R7.1 and Pulse Policy Secure version 9.0RX before 9.0R3.2 and 5.4RX before 5.4R7.1, an unauthenticated, remote attacker can conduct a session hijacking attack. En Pulse Secure Pulse Connect Secure versiones 9.0RX anteriores a 9.0R3.4 y versiones 8.3RX anteriores a 8.3R7.1 y Pulse Policy Secure versiones 9.0RX anteriores a 9.0R3.2 y versiones 5.4RX anteriores a 5.4R7.1, un atacante remoto no autenticado puede llevar a cabo un ataque de secuestro de sesión. • http://www.securityfocus.com/bid/108073 https://devco.re/blog/2019/09/02/attacking-ssl-vpn-part-3-the-golden-Pulse-Secure-ssl-vpn-rce-chain-with-Twitter-as-case-study https://i.blackhat.com/USA-19/Wednesday/us-19-Tsai-Infiltrating-Corporate-Intranet-Like-NSA.pdf https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101 https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0010 https://www.kb.cert.org/vuls/id/927237 •