CPE-3DA63E2F-2296-4534-9DF0-F8BE1790A9FC Detail

CPE Details

PulseSecure Pulse Connect Secure (PCS) 9.1 R11.3

Vendor

pulsesecure

Product

pulse_connect_secure

Version

9.1

Created

2021-04-28
15h44 +00:00

Modified

2024-02-27
20h04 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r11.3::::::

Informations

Vendor

pulsesecure

Product

pulse_connect_secure

Version

9.1

Update

r11.3

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2021-22900	2021-05-27 11h15 +00:00	A vulnerability allowed multiple unrestricted uploads in Pulse Connect Secure before 9.1R11.4 that could lead to an authenticated administrator to perform a file write via a maliciously crafted archive upload in the administrator web interface.	7.2	High
CVE-2020-15408	2020-07-28 12h59 +00:00	An issue was discovered in Pulse Secure Pulse Connect Secure before 9.1R8. An authenticated attacker can access the admin page console via the end-user web interface because of a rewrite.	4.6	Medium
CVE-2020-11581	2020-04-06 18h03 +00:00	An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. The applet in tncc.jar, executed on macOS, Linux, and Solaris clients when a Host Checker policy is enforced, allows a man-in-the-middle attacker to perform OS command injection attacks (against a client) via shell metacharacters to the doCustomRemediateInstructions method, because Runtime.getRuntime().exec() is used.	8.1	High
CVE-2020-11582	2020-04-06 18h03 +00:00	An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. The applet in tncc.jar, executed on macOS, Linux, and Solaris clients when a Host Checker policy is enforced, launches a TCP server that accepts local connections on a random port. This can be reached by local HTTP clients, because up to 25 invalid lines are ignored, and because DNS rebinding can occur. (This server accepts, for example, a setcookie command that might be relevant to CVE-2020-11581 exploitation.)	8.8	High
CVE-2020-11580	2020-04-06 18h03 +00:00	An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. The applet in tncc.jar, executed on macOS, Linux, and Solaris clients when a Host Checker policy is enforced, accepts an arbitrary SSL certificate.	9.1	Critical

PulseSecure Pulse Connect Secure (PCS) 9.1 R11.3

CPE Details

CPE Name: cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r11.3:*:*:*:*:*:*

Informations

Vendor

Product

Version

Update

Related CVE

CPE Name: cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r11.3::::::