PT-2018-16879 · Pulse · Pulse Connect Secure+1

Publicado

2018-01-16

Atualizado

2020-08-24

CVE-2018-5299

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Pulse Connect Secure (PCS) versions prior to 8.3R4 Pulse Policy Secure (PPS) versions prior to 5.4R4

Description A stack-based buffer overflow issue exists in the web server of the affected software, potentially leading to memory corruption and remote code execution.

Recommendations For Pulse Connect Secure (PCS) versions prior to 8.3R4, update to version 8.3R4 or later. For Pulse Policy Secure (PPS) versions prior to 5.4R4, update to version 5.4R4 or later.

Correção

RCE

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-787

Identificadores relacionados

CVE-2018-5299

Produtos afetados

Pulse Connect Secure

Pulse Policy Secure

PT-2018-16879 · Pulse · Pulse Connect Secure+1

CVE-2018-5299

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3