CVE-2019-11541

CVSS v3.1

8.3

High

Vector

AC:L/AV:N/A:L/C:L/I:L/PR:N/S:C/UI:N

Name of the Vulnerable Software and Affected Versions Pulse Connect Secure versions 9.0RX before 9.0R3.4 Pulse Connect Secure versions 8.3RX before 8.3R7.1 Pulse Connect Secure versions 8.2RX before 8.2R12.1

Description The issue affects users of SAML authentication with the Reuse Existing NC (Pulse) Session option, potentially leading to authentication leaks.

Recommendations For Pulse Connect Secure version 9.0RX before 9.0R3.4, update to version 9.0R3.4 or later. For Pulse Connect Secure version 8.3RX before 8.3R7.1, update to version 8.3R7.1 or later. For Pulse Connect Secure version 8.2RX before 8.2R12.1, update to version 8.2R12.1 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2019-11541

Affected Products

Pulse Connect Secure

CVE-2019-11541

Related Identifiers

Affected Products

References · 6