NotCVE - vendor:"Pulsesecure" product:"Pulse Connect Secure" version:"8.2r2.0"

Page 5 of 43 results (0.002 seconds)

CVSS: 4.8EPSS: 0%CPEs: 4EXPL: 0

CVE-2017-17947

https://notcve.org/view.php?id=CVE-2017-17947

16 Jan 2018 — A cross site scripting issue has been found in custompage.cgi in Pulse Secure Pulse Connect Secure (PCS) before 8.0R17.0, 8.1.x before 8.1R13, 8.2.x before 8.2R9, and 8.3.x before 8.3R3 and Pulse Policy Secure (PPS) before 5.2R10, 5.3.x before 5.3R9, and 5.4.x before 5.4R3 due to one of the URL parameters not being sanitized. Exploitation does require the user to be logged in as administrator; the issue is not applicable to the end user portal. Se ha encontrado un problema de Cross-Site Scripting (XSS) en c... • http://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43018 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 8.8EPSS: 1%CPEs: 47EXPL: 0

CVE-2017-11455

https://notcve.org/view.php?id=CVE-2017-11455

29 Aug 2017 — diag.cgi in Pulse Connect Secure 8.2R1 through 8.2R5, 8.1R1 through 8.1R10 and Pulse Policy Secure 5.3R1 through 5.3R5, 5.2R1 through 5.2R8, and 5.1R1 through 5.1R10 allow remote attackers to hijack the authentication of administrators for requests to start tcpdump, related to the lack of anti-CSRF tokens. diag.cgi en Pulse Connect Secure 8.2R1 en su versión 8.2R5, 8.1R1 en su versión 8.1R10 y Pulse Policy Secure 5.3R1 en su versión 5.3R5, 5.2R1 en su versión 5.2R8, y 5.1R1 en su versión 5.1R10 permite que ... • http://www.securityfocus.com/bid/100530 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0

CVE-2016-3985

https://notcve.org/view.php?id=CVE-2016-3985

08 Apr 2016 — The Terminal Services Remote Desktop Protocol (RDP) client session restrictions feature in Pulse Connect Secure (aka PCS) 8.1R7 and 8.2R1 allow remote authenticated users to bypass intended access restrictions via unspecified vectors. La funcionalidad de restricciones de sesión de cliente Terminal Services Remote Desktop Protocol (RDP) en Pulse Connect Secure (también conocido como PCS) 8.1R7 y 8.2R1 permite a usuarios remotos autenticados eludir las restricciones de acceso previstas a través de vectores no... • http://www.securitytracker.com/id/1035129 • CWE-284: Improper Access Control •

1...3 4 5