// For flags

CVE-2018-20812

 

Severity Score

7.5
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

An information exposure issue where IPv6 DNS traffic would be sent outside of the VPN tunnel (when Traffic Enforcement was enabled) exists in Pulse Secure Pulse Secure Desktop 9.0R1 and below. This is applicable only to dual-stack (IPv4/IPv6) endpoints.

Existe un problema de exposición a la información donde el tráfico DNS de IPv6 se enviaría fuera del túnel VPN (cuando se habilitó la aplicación de tráfico) en Pulse Secure Pulse Secure Desktop 9.0R1 e inferior. Esto se aplica solo a los puntos finales de doble pila (IPv4 / IPv6).

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2019-03-15 CVE Reserved
  • 2019-03-16 CVE Published
  • 2024-09-16 CVE Updated
  • 2024-09-17 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
4.0
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "4.0"
r1.0, mac_os_x
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
4.0
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "4.0"
r10.0, mac_os_x
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
4.0
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "4.0"
r11.0, mac_os_x
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
4.0
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "4.0"
r11.1, mac_os_x
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
4.0
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "4.0"
r12.0, mac_os_x
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
4.0
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "4.0"
r13.0, mac_os_x
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
4.0
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "4.0"
r2.0, mac_os_x
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
4.0
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "4.0"
r3.0, mac_os_x
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
4.0
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "4.0"
r4.0, mac_os_x
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
4.0
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "4.0"
r5.0, mac_os_x
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
4.0
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "4.0"
r6.0, mac_os_x
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
4.0
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "4.0"
r7.0, mac_os_x
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
4.0
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "4.0"
r8.0, mac_os_x
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
4.0
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "4.0"
r9.0, mac_os_x
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
4.0
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "4.0"
r9.1, mac_os_x
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
4.0
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "4.0"
r9.2, mac_os_x
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
5.1
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "5.1"
r1.0, macos
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
5.1
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "5.1"
r1.1, macos
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
5.1
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "5.1"
r10.0, macos
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
5.1
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "5.1"
r11.0, macos
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
5.1
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "5.1"
r11.1, macos
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
5.1
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "5.1"
r12.0, macos
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
5.1
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "5.1"
r13.0, macos
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
5.1
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "5.1"
r14.0, macos
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
5.1
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "5.1"
r2.0, macos
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
5.1
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "5.1"
r3.0, macos
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
5.1
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "5.1"
r3.1, macos
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
5.1
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "5.1"
r4.0, macos
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
5.1
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "5.1"
r5.1, macos
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
5.1
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "5.1"
r6.0, macos
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
5.1
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "5.1"
r7.0, macos
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
5.1
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "5.1"
r8.0, macos
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
5.1
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "5.1"
r9.0, macos
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
5.1
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "5.1"
r9.1, macos
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
5.1r
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "5.1r"
3.2, macos
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
5.1r
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "5.1r"
5.0, macos
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
5.3
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "5.3"
r1, macos
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
5.3
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "5.3"
r1.1, macos
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
5.3
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "5.3"
r2, macos
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
5.3
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "5.3"
r3, macos
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
5.3
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "5.3"
r4, macos
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
5.3
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "5.3"
r4.1, macos
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
5.3
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "5.3"
r4.2, macos
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
5.3
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "5.3"
r5, macos
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
5.3
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "5.3"
r5.2, macos
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
5.3
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "5.3"
r6, macos
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
5.3
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "5.3"
r7, macos
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
9.0
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "9.0"
r1, macos
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
9.0
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "9.0"
r2, macos
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
9.0
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "9.0"
r2.1, macos
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
9.0
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "9.0"
r3, macos
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
9.0
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "9.0"
r3.2, macos
Affected
Pulsesecure
Search vendor "Pulsesecure"
Pulse Secure Desktop Client
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client"
9.0
Search vendor "Pulsesecure" for product "Pulse Secure Desktop Client" and version "9.0"
r4, macos
Affected