PT-2019-10247 · Pulse Secure · Pulse Connect Secure+1

Published

2019-03-16

·

Updated

2024-02-27

·

CVE-2018-20809

CVSS v3.1

7.5

High

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: Pulse Secure Pulse Connect Secure (PCS) versions 8.3RX through 8.3R4 Pulse Secure Pulse Policy Secure versions 5.4RX through 5.4R4
Description: A crafted message can cause the web server to crash.
Recommendations: For Pulse Secure Pulse Connect Secure (PCS) versions 8.3RX through 8.3R4, update to version 8.3R5 or later. For Pulse Secure Pulse Policy Secure versions 5.4RX through 5.4R4, update to version 5.4R5 or later.

Fix

RCE

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2018-20809

Affected Products

Pulse Connect Secure
Pulse Policy Secure