CVE-2019-12376
https://notcve.org/view.php?id=CVE-2019-12376
Use of a hard-coded encryption key in Ivanti LANDESK Management Suite (LDMS, aka Endpoint Manager) 10.0.1.168 Service Update 5 may lead to full managed endpoint compromise by an authenticated user with read privileges. El uso de una clave de cifrado codificada en forma rígida en Ivanti LANDESK Management Suite (LDMS, conocido como Endpoint Manager) 10.0.1.168 Service Update 5 puede llevar a un compromiso total de punto final administrado por un usuario identificado con privilegios de lectura. • https://www.gnzlabs.io/gnzlabs-blog/landesk-management-server-hard-coded-encryption-key • CWE-798: Use of Hard-coded Credentials •
CVE-2019-12377
https://notcve.org/view.php?id=CVE-2019-12377
A vulnerable upl/async_upload.asp web API endpoint in Ivanti LANDESK Management Suite (LDMS, aka Endpoint Manager) 10.0.1.168 Service Update 5 allows arbitrary file upload, which may lead to arbitrary remote code execution. Un extremo de API web upl / async_upload.asp vulnerable en Ivanti LANDESK Management Suite (LDMS, también conocido como Endpoint Manager) 10.0.1.168 Service Update 5 permite la carga arbitraria de archivos, lo que puede llevar a la ejecución de código remoto arbitrario. • https://www.gnzlabs.io/gnzlabs-blog/landesk-management-server-arbitrary-file-upload https://www.gnzlabs.io/gnzlabs-blog/landesk-management-server-multiple-vulnerabilities • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2019-11507
https://notcve.org/view.php?id=CVE-2019-11507
In Pulse Secure Pulse Connect Secure (PCS) 8.3.x before 8.3R7.1 and 9.0.x before 9.0R3, an XSS issue has been found on the Application Launcher page. En Pulse Secure Pulse Connect Secure (PCS) 8.3.x versiones anteriores a 8.3R7.1 y 9.0.x anteriores a 9.0R3, se ha encontrado un problema de XSS en la página Application Launcher. • http://www.securityfocus.com/bid/108073 https://devco.re/blog/2019/09/02/attacking-ssl-vpn-part-3-the-golden-Pulse-Secure-ssl-vpn-rce-chain-with-Twitter-as-case-study https://i.blackhat.com/USA-19/Wednesday/us-19-Tsai-Infiltrating-Corporate-Intranet-Like-NSA.pdf https://kb.pulsesecure.net/?atype=sa https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101 https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516 https://www.kb.cert.org/vuls/id/927237 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2019-11508
https://notcve.org/view.php?id=CVE-2019-11508
In Pulse Secure Pulse Connect Secure (PCS) before 8.1R15.1, 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an authenticated attacker (via the admin web interface) can exploit Directory Traversal to execute arbitrary code on the appliance. En Pulse Secure Pulse Connect Connect (PCS) versión anterior a 8.1R15.1, versión 8.2 anterior a 8.2 R12.1, versión 8.3 anterior a 8.3R7.1 y versión 9.0 anteior a 9.0R3.4, un atacante identificado (por medio de la interfaz web de administrador) puede operar un salto de directorio para ejecutar código arbitrario en el dispositivo. • http://www.securityfocus.com/bid/108073 https://devco.re/blog/2019/09/02/attacking-ssl-vpn-part-3-the-golden-Pulse-Secure-ssl-vpn-rce-chain-with-Twitter-as-case-study https://i.blackhat.com/USA-19/Wednesday/us-19-Tsai-Infiltrating-Corporate-Intranet-Like-NSA.pdf https://kb.pulsesecure.net/?atype=sa https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101 https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0010 https://www.kb.cert.org/vuls/id/927237 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2019-11510 – Ivanti Pulse Connect Secure Arbitrary File Read Vulnerability
https://notcve.org/view.php?id=CVE-2019-11510
In Pulse Secure Pulse Connect Secure (PCS) 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an unauthenticated remote attacker can send a specially crafted URI to perform an arbitrary file reading vulnerability . En Pulse Secure Pulse Connect Secure (PCS) versión 8.2 en versiones anteriores a la 8.2R12.1, versión 8.3 en versiones anteriores a la 8.3R7.1 y versión 9.0 en versiones anteriores a la 9.0R3.4, un atacante remoto no autenticado puede enviar una URI especialmente diseñado para realizar una vulnerabilidad de lectura de archivos arbitraria. Ivanti Pulse Connect Secure contains an arbitrary file read vulnerability that allows an unauthenticated remote attacker with network access via HTTPS to send a specially crafted URI. • https://www.exploit-db.com/exploits/47297 https://github.com/projectzeroindia/CVE-2019-11510 https://github.com/jas502n/CVE-2019-11510-1 https://github.com/imjdl/CVE-2019-11510-poc https://github.com/jason3e7/CVE-2019-11510 https://github.com/pwn3z/CVE-2019-11510-PulseVPN http://packetstormsecurity.com/files/154176/Pulse-Secure-SSL-VPN-8.1R15.1-8.2-8.3-9.0-Arbitrary-File-Disclosure.html http://packetstormsecurity.com/files/154231/Pulse-Secure-SSL-VPN-File-Disclosure-NSE.html ht • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •