CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2016-4790
https://notcve.org/view.php?id=CVE-2016-4790
Cross-site scripting (XSS) vulnerability in the administrative user interface in Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r9, and 7.4 before 7.4r13.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en la interfaz de usuario administrativo en Pulse Connect Secure (PCS) 8.2 en versiones anteriores a 8.2r1, 8.1 en versiones anteriores a 8.1r2, 8.0 en versiones anteriores a 8.0r9 y 7.4 en versiones anteriores a 7.4r13.4 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados. • http://www.securitytracker.com/id/1035932 https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40211 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2016-4786
https://notcve.org/view.php?id=CVE-2016-4786
Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r3, 8.0 before 8.0r11, and 7.4 before 7.4r13.4 allow remote attackers to cause a denial of service (CPU consumption) via unspecified vectors. Pulse Connect Secure (PCS) 8.2 en versiones anteriores a 8.2r1, 8.1 en versiones anteriores a 8.1r3, 8.0 en versiones anteriores a 8.0r11 y 7.4 en versiones anteriores a 7.4r13.4 permite a atacantes remotos provocar una denegación de servicio (consumo de CPU) a través de vectores no especificados. • http://www.securitytracker.com/id/1035932 https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40206 •
CVSS: 5.8EPSS: 0%CPEs: 5EXPL: 0CVE-2016-4788
https://notcve.org/view.php?id=CVE-2016-4788
Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r10, and 7.4 before 7.4r13.4 allow remote attackers to read an unspecified system file via unknown vectors. Pulse Connect Secure (PCS) 8.2 en versiones anteriores a 8.2r1, 8.1 en versiones anteriores a 8.1r2, 8.0 en versiones anteriores a 8.0r10 y 7.4 en versiones anteriores a 7.4r13.4 permite a atacantes remotos leer un archivo de sistema no especificado a través de vectores desconocidos. • http://www.securitytracker.com/id/1035932 https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40208 •
CVSS: 6.1EPSS: 0%CPEs: 5EXPL: 0CVE-2016-4789
https://notcve.org/view.php?id=CVE-2016-4789
Cross-site scripting (XSS) vulnerability in the system configuration section in the administrative user interface in Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r9, and 7.4 before 7.4r13.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en la sección de configuración del sistema en la interaz de usuario administrativo en Pulse Connect Secure (PCS) 8.2 en versiones anteriores a 8.2r1, 8.1 en versiones anteriores a 8.1r2, 8.0 en versiones anteriores a 8.0r9 y 7.4 en versiones anteriores a 7.4r13.4 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados. • http://www.securitytracker.com/id/1035932 https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40209 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •