PT-2018-16879 · Pulse · Pulse Connect Secure+1

Published

2018-01-16

Updated

2020-08-24

CVE-2018-5299

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Pulse Connect Secure (PCS) versions prior to 8.3R4 Pulse Policy Secure (PPS) versions prior to 5.4R4

Description A stack-based buffer overflow issue exists in the web server of the affected software, potentially leading to memory corruption and remote code execution.

Recommendations For Pulse Connect Secure (PCS) versions prior to 8.3R4, update to version 8.3R4 or later. For Pulse Policy Secure (PPS) versions prior to 5.4R4, update to version 5.4R4 or later.

Fix

RCE

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

CVE-2018-5299

Affected Products

Pulse Connect Secure

Pulse Policy Secure

PT-2018-16879 · Pulse · Pulse Connect Secure+1

CVE-2018-5299

Weakness Enumeration

Related Identifiers

Affected Products

References · 3