CVE-2017-11194
 
Public Exploits: 0
Exploited in Wild: -
Descriptions
Pulse Connect Secure 8.3R1 has Reflected XSS in adminservercacertdetails.cgi. In the admin panel, the certid parameter of adminservercacertdetails.cgi is reflected in the application's response and is not properly sanitized, allowing an attacker to inject tags. An attacker could come up with clever payloads to make the system run commands such as ping, ping6, traceroute, nslookup, arp, etc.
Timeline
- 2017-07-12 CVE Reserved
- 2017-07-12 CVE Published
- 2023-05-22 EPSS Updated
- 2024-08-05 CVE Updated
CWE
- CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
References (2)
URL | Tag | Source
---|---|---
http://www.sxcurity.pro/Multiple%20XSS%20and%20CSRF%20in%20Pulse%20Connect%20Secure%20v8.3R1.pdf | Third Party Advisory |
https://twitter.com/sxcurity/status/884556905145937921 | Third Party Advisory |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status
---|---|---|---|---
Pulsesecure | Pulse Connect Secure | 8.3r1.0 | - | Affected