| ID | 48342 |
| Created | Sep 06, 2019 |
| Updated | Dec 02, 2019 |
| Outbreak Alert | CISAtop20_PRC2022 |
| Severity |
|
| Coverage |
IPS (Regular DB)
IPS (Extended DB)
|
| Default Action | drop |
| Active |
|
| Affected OS | Other |
| Affected App | Other |
Legend
| Active/Available |
|
| InActive/Not Available |
|
Update History
| Date | Version | Detail |
|---|---|---|
| 2019-12-03 | 15.737 | Default_action:pass:drop |
| 2019-10-08 | 14.701 | Sig Added |
| 2019-09-06 | 14.683 |
click on each chart to view data in detail.
[[threatName]]
Refine Search
Threat Encyclopedia
Pulse.Secure.SSL.VPN.HTML5.Information.Disclosure
Description
This indicates an attack attempt to exploit an Information Disclosure Vulnerability in Pulse Connect Secure.
The vulnerability is due to an error in the vulnerable application when handling a malicious request. An unauthenticated attacker can exploit this to access sensitive information on the affected machine via a crafted request.
Affected Products
Pulse Connect Secure 8.1R15.1
Pulse Connect Secure 8.2 before 8.2R12.1
Pulse Connect Secure 8.3 before 8.3R7.1
Pulse Connect Secure 9.0 before 9.0R3.4
Impact
Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.
Recommended Actions
Refer to the vendor's advisory for updates:
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101
CVE References
CVE-2019-11510
✖