PT-2019-12366 · Pulse · Pulse Connect Secure+1
Published
2019-04-26
·
Updated
2024-02-27
·
CVE-2019-11543
CVSS v3.1
8.3
High
| Vector | AC:H/AV:N/A:H/C:H/I:H/PR:N/S:C/UI:R |
Name of the Vulnerable Software and Affected Versions
Pulse Connect Secure (PCS) versions 9.0RX before 9.0R3.4
Pulse Connect Secure (PCS) versions 8.3RX before 8.3R7.1
Pulse Connect Secure (PCS) versions 8.1RX before 8.1R15.1
Pulse Policy Secure versions 9.0RX before 9.0R3.2
Pulse Policy Secure versions 5.4RX before 5.4R7.1
Pulse Policy Secure versions 5.2RX before 5.2R12.1
Description
XSS exists in the admin web console.
Recommendations
For Pulse Connect Secure (PCS) versions 9.0RX before 9.0R3.4, update to version 9.0R3.4 or later.
For Pulse Connect Secure (PCS) versions 8.3RX before 8.3R7.1, update to version 8.3R7.1 or later.
For Pulse Connect Secure (PCS) versions 8.1RX before 8.1R15.1, update to version 8.1R15.1 or later.
For Pulse Policy Secure versions 9.0RX before 9.0R3.2, update to version 9.0R3.2 or later.
For Pulse Policy Secure versions 5.4RX before 5.4R7.1, update to version 5.4R7.1 or later.
For Pulse Policy Secure versions 5.2RX before 5.2R12.1, update to version 5.2R12.1 or later.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Pulse Connect Secure
Pulse Policy Secure