Vulnerability-Lookup

BDU:2019-02980

Vulnerability from fstec - Published: 22.03.2019

Title

Уязвимость VPN-шлюза корпоративных сетей Pulse Connect Secure, связанная с ошибками обработки разрешений, позволяющая нарушителю получить доступ на чтение произвольных файлов

Description

Уязвимость VPN-шлюза корпоративных сетей Pulse Connect Secure связана с ошибками обработки разрешений. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, получить доступ на чтение произвольных файлов, используя специально созданный URI

Severity ?


                    
                      AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

Vendor

Pulsesecure

Software Name

Pulse Connect Secure

Software Version

7.1 (Pulse Connect Secure), 7.1 R3.0 (Pulse Connect Secure), 7.1 R15.0 (Pulse Connect Secure), 7.1 R10.0 (Pulse Connect Secure), 7.1 R22.0 (Pulse Connect Secure), 7.1 R8.0 (Pulse Connect Secure), 7.1 R2.0 (Pulse Connect Secure), 7.1 R4.0 (Pulse Connect Secure), 7.1 R16.0 (Pulse Connect Secure), 7.1 R9.0 (Pulse Connect Secure), 7.1 R22.1 (Pulse Connect Secure), 7.1 R11.0 (Pulse Connect Secure), 7.1 R20.0 (Pulse Connect Secure), 7.1 R4.1 (Pulse Connect Secure), 7.1 R17.0 (Pulse Connect Secure), 7.1 R22.2 (Pulse Connect Secure), 7.1 R12.0 (Pulse Connect Secure), 7.1 R20.1 (Pulse Connect Secure), 7.1 R5.0 (Pulse Connect Secure), 7.1 R18.0 (Pulse Connect Secure), 7.1 R22.3 (Pulse Connect Secure), 7.1 R13.0 (Pulse Connect Secure), 7.1 R20.2 (Pulse Connect Secure), 7.1 R1.0 (Pulse Connect Secure), 7.1 R6.0 (Pulse Connect Secure), 7.1 R19.0 (Pulse Connect Secure), 7.1 R22.4 (Pulse Connect Secure), 7.1 R14.0 (Pulse Connect Secure), 7.1 R21.0 (Pulse Connect Secure), 7.1 R1.1 (Pulse Connect Secure), 7.1 R7.0 (Pulse Connect Secure), 7.1 R19.1 (Pulse Connect Secure), 7.4 R8.0 (Pulse Connect Secure), 7.4 R11.0 (Pulse Connect Secure), 7.4 R3.0 (Pulse Connect Secure), 7.4 R13.3 (Pulse Connect Secure), 7.4 R9.0 (Pulse Connect Secure), 7.4 R11.1 (Pulse Connect Secure), 7.4 R4.0 (Pulse Connect Secure), 7.4 R13.4 (Pulse Connect Secure), 7.4 R9.1 (Pulse Connect Secure), 7.4 R12.0 (Pulse Connect Secure), 7.4 (Pulse Connect Secure), 7.4 R5.0 (Pulse Connect Secure), 7.4 R13.5 (Pulse Connect Secure), 7.4 R9.2 (Pulse Connect Secure), 7.4 R13.0 (Pulse Connect Secure), 7.4 R6.0 (Pulse Connect Secure), 7.4 R1.0 (Pulse Connect Secure), 7.4 R13.6 (Pulse Connect Secure), 7.4 R9.3 (Pulse Connect Secure), 7.4 R13.1 (Pulse Connect Secure), 7.4 R7.0 (Pulse Connect Secure), 7.4 R10.0 (Pulse Connect Secure), 7.4 R2.0 (Pulse Connect Secure), 7.4 R13.2 (Pulse Connect Secure), 8.1 R9.2 (Pulse Connect Secure), 8.1 R12.0 (Pulse Connect Secure), 8.1 R6.0 (Pulse Connect Secure), 8.1 R1.0 (Pulse Connect Secure), 8.1 R3.1 (Pulse Connect Secure), 8.1 R12.1 (Pulse Connect Secure), 8.1 R7.0 (Pulse Connect Secure), 8.1 R1.1 (Pulse Connect Secure), 8.1 R3.2 (Pulse Connect Secure), 8.1 R13.0 (Pulse Connect Secure), 8.1 R8.0 (Pulse Connect Secure), 8.1 R10.0 (Pulse Connect Secure), 8.1 R4.0 (Pulse Connect Secure), 8.1 R14.0 (Pulse Connect Secure), 8.1 R11.0 (Pulse Connect Secure), 8.1 R9.0 (Pulse Connect Secure), 8.1 R4.1 (Pulse Connect Secure), 8.1 R2.0 (Pulse Connect Secure), 8.1 R9.1 (Pulse Connect Secure), 8.1 R11.1 (Pulse Connect Secure), 8.1 R5.0 (Pulse Connect Secure), 8.1 (Pulse Connect Secure), 8.1 R2.1 (Pulse Connect Secure), 8.2 R9.0 (Pulse Connect Secure), 8.2 R7.0 (Pulse Connect Secure), 8.2 R4.0 (Pulse Connect Secure), 8.2 R2.0 (Pulse Connect Secure), 8.2 R1.0 (Pulse Connect Secure), 8.2 R7.1 (Pulse Connect Secure), 8.2 R4.1 (Pulse Connect Secure), 8.2 R3.0 (Pulse Connect Secure), 8.2 R1.1 (Pulse Connect Secure), 8.2 R8.0 (Pulse Connect Secure), 8.2 R5.0 (Pulse Connect Secure), 8.2 R3.1 (Pulse Connect Secure), 8.2 R10.0 (Pulse Connect Secure), 8.2 R8.1 (Pulse Connect Secure), 8.2 R5.1 (Pulse Connect Secure), 8.2 R11.0 (Pulse Connect Secure), 8.2 R8.2 (Pulse Connect Secure), 8.2 R6.0 (Pulse Connect Secure), 8.2 R12.0 (Pulse Connect Secure), 8.3 R7 (Pulse Connect Secure), 8.3 R5 (Pulse Connect Secure), 8.3 R1 (Pulse Connect Secure), 8.3 R5.1 (Pulse Connect Secure), 8.3 R2 (Pulse Connect Secure), 8.3 R5.2 (Pulse Connect Secure), 8.3 R2.1 (Pulse Connect Secure), 8.3 R6 (Pulse Connect Secure), 8.3 R3 (Pulse Connect Secure), 8.3 R6.1 (Pulse Connect Secure), 8.3 R4 (Pulse Connect Secure), 9.0 R3.1 (Pulse Connect Secure), 9.0 R3.2 (Pulse Connect Secure), 9.0 R1 (Pulse Connect Secure), 9.0 R2 (Pulse Connect Secure), 9.0 R2.1 (Pulse Connect Secure), 9.0 R3 (Pulse Connect Secure)

Possible Mitigations

Использование рекомендаций: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101/

Reference

https://www.cvedetails.com/cve/CVE-2019-11510/ https://www.securityfocus.com/bid/108073/info https://nvd.nist.gov/vuln/detail/CVE-2019-11510 https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11510 https://www.cisa.gov/sites/default/files/csv/known_exploited_vulnerabilities.csv http://packetstormsecurity.com/files/154176/Pulse-Secure-SSL-VPN-8.1R15.1-8.2-8.3-9.0-Arbitrary-File-Disclosure.html

CWE

CWE-275

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
  "CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Pulsesecure",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "7.1 (Pulse Connect Secure), 7.1 R3.0 (Pulse Connect Secure), 7.1 R15.0 (Pulse Connect Secure), 7.1 R10.0 (Pulse Connect Secure), 7.1 R22.0 (Pulse Connect Secure), 7.1 R8.0 (Pulse Connect Secure), 7.1 R2.0 (Pulse Connect Secure), 7.1 R4.0 (Pulse Connect Secure), 7.1 R16.0 (Pulse Connect Secure), 7.1 R9.0 (Pulse Connect Secure), 7.1 R22.1 (Pulse Connect Secure), 7.1 R11.0 (Pulse Connect Secure), 7.1 R20.0 (Pulse Connect Secure), 7.1 R4.1 (Pulse Connect Secure), 7.1 R17.0 (Pulse Connect Secure), 7.1 R22.2 (Pulse Connect Secure), 7.1 R12.0 (Pulse Connect Secure), 7.1 R20.1 (Pulse Connect Secure), 7.1 R5.0 (Pulse Connect Secure), 7.1 R18.0 (Pulse Connect Secure), 7.1 R22.3 (Pulse Connect Secure), 7.1 R13.0 (Pulse Connect Secure), 7.1 R20.2 (Pulse Connect Secure), 7.1 R1.0 (Pulse Connect Secure), 7.1 R6.0 (Pulse Connect Secure), 7.1 R19.0 (Pulse Connect Secure), 7.1 R22.4 (Pulse Connect Secure), 7.1 R14.0 (Pulse Connect Secure), 7.1 R21.0 (Pulse Connect Secure), 7.1 R1.1 (Pulse Connect Secure), 7.1 R7.0 (Pulse Connect Secure), 7.1 R19.1 (Pulse Connect Secure), 7.4 R8.0 (Pulse Connect Secure), 7.4 R11.0 (Pulse Connect Secure), 7.4 R3.0 (Pulse Connect Secure), 7.4 R13.3 (Pulse Connect Secure), 7.4 R9.0 (Pulse Connect Secure), 7.4 R11.1 (Pulse Connect Secure), 7.4 R4.0 (Pulse Connect Secure), 7.4 R13.4 (Pulse Connect Secure), 7.4 R9.1 (Pulse Connect Secure), 7.4 R12.0 (Pulse Connect Secure), 7.4 (Pulse Connect Secure), 7.4 R5.0 (Pulse Connect Secure), 7.4 R13.5 (Pulse Connect Secure), 7.4 R9.2 (Pulse Connect Secure), 7.4 R13.0 (Pulse Connect Secure), 7.4 R6.0 (Pulse Connect Secure), 7.4 R1.0 (Pulse Connect Secure), 7.4 R13.6 (Pulse Connect Secure), 7.4 R9.3 (Pulse Connect Secure), 7.4 R13.1 (Pulse Connect Secure), 7.4 R7.0 (Pulse Connect Secure), 7.4 R10.0 (Pulse Connect Secure), 7.4 R2.0 (Pulse Connect Secure), 7.4 R13.2 (Pulse Connect Secure), 8.1 R9.2 (Pulse Connect Secure), 8.1 R12.0 (Pulse Connect Secure), 8.1 R6.0 (Pulse Connect Secure), 8.1 R1.0 (Pulse Connect Secure), 8.1 R3.1 (Pulse Connect Secure), 8.1 R12.1 (Pulse Connect Secure), 8.1 R7.0 (Pulse Connect Secure), 8.1 R1.1 (Pulse Connect Secure), 8.1 R3.2 (Pulse Connect Secure), 8.1 R13.0 (Pulse Connect Secure), 8.1 R8.0 (Pulse Connect Secure), 8.1 R10.0 (Pulse Connect Secure), 8.1 R4.0 (Pulse Connect Secure), 8.1 R14.0 (Pulse Connect Secure), 8.1 R11.0 (Pulse Connect Secure), 8.1 R9.0 (Pulse Connect Secure), 8.1 R4.1 (Pulse Connect Secure), 8.1 R2.0 (Pulse Connect Secure), 8.1 R9.1 (Pulse Connect Secure), 8.1 R11.1 (Pulse Connect Secure), 8.1 R5.0 (Pulse Connect Secure), 8.1 (Pulse Connect Secure), 8.1 R2.1 (Pulse Connect Secure), 8.2 R9.0 (Pulse Connect Secure), 8.2 R7.0 (Pulse Connect Secure), 8.2 R4.0 (Pulse Connect Secure), 8.2 R2.0 (Pulse Connect Secure), 8.2 R1.0 (Pulse Connect Secure), 8.2 R7.1 (Pulse Connect Secure), 8.2 R4.1 (Pulse Connect Secure), 8.2 R3.0 (Pulse Connect Secure), 8.2 R1.1 (Pulse Connect Secure), 8.2 R8.0 (Pulse Connect Secure), 8.2 R5.0 (Pulse Connect Secure), 8.2 R3.1 (Pulse Connect Secure), 8.2 R10.0 (Pulse Connect Secure), 8.2 R8.1 (Pulse Connect Secure), 8.2 R5.1 (Pulse Connect Secure), 8.2 R11.0 (Pulse Connect Secure), 8.2 R8.2 (Pulse Connect Secure), 8.2 R6.0 (Pulse Connect Secure), 8.2 R12.0 (Pulse Connect Secure), 8.3 R7 (Pulse Connect Secure), 8.3 R5 (Pulse Connect Secure), 8.3 R1 (Pulse Connect Secure), 8.3 R5.1 (Pulse Connect Secure), 8.3 R2 (Pulse Connect Secure), 8.3 R5.2 (Pulse Connect Secure), 8.3 R2.1 (Pulse Connect Secure), 8.3 R6 (Pulse Connect Secure), 8.3 R3 (Pulse Connect Secure), 8.3 R6.1 (Pulse Connect Secure), 8.3 R4 (Pulse Connect Secure), 9.0 R3.1 (Pulse Connect Secure), 9.0 R3.2 (Pulse Connect Secure), 9.0 R1 (Pulse Connect Secure), 9.0 R2 (Pulse Connect Secure), 9.0 R2.1 (Pulse Connect Secure), 9.0 R3 (Pulse Connect Secure)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101/",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "22.03.2019",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "06.02.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "27.08.2019",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2019-02980",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2019-11510",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Pulse Connect Secure",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c VPN-\u0448\u043b\u044e\u0437\u0430 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0445 \u0441\u0435\u0442\u0435\u0439 Pulse Connect Secure, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u0439, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043d\u0430 \u0447\u0442\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u0439 (CWE-275)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c VPN-\u0448\u043b\u044e\u0437\u0430 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0445 \u0441\u0435\u0442\u0435\u0439 Pulse Connect Secure \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u0439. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043d\u0430 \u0447\u0442\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 URI",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": "-",
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0435 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://www.cvedetails.com/cve/CVE-2019-11510/\nhttps://www.securityfocus.com/bid/108073/info\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-11510\nhttps://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101/\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11510\nhttps://www.cisa.gov/sites/default/files/csv/known_exploited_vulnerabilities.csv\nhttp://packetstormsecurity.com/files/154176/Pulse-Secure-SSL-VPN-8.1R15.1-8.2-8.3-9.0-Arbitrary-File-Disclosure.html",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041f\u041e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-275",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 8,6)"
}

CVE-2019-11510 (GCVE-0-2019-11510)

Vulnerability from cvelistv5 – Published: 2019-05-08 16:18 – Updated: 2025-10-21 23:45

Summary

In Pulse Secure Pulse Connect Secure (PCS) 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an unauthenticated remote attacker can send a specially crafted URI to perform an arbitrary file reading vulnerability .

Severity ?

9.9 (Critical)


                        
                          CVSS:3.0/AC:L/AV:N/A:H/C:H/I:H/PR:L/S:C/UI:N

CWE

Assigner

mitre

References

URL

Tags

	https://kb.pulsesecure.net/?atype=sa	x_refsource_MISC
	https://kb.pulsesecure.net/articles/Pulse_Securit…	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/108073	vdb-entryx_refsource_BID
	https://psirt.global.sonicwall.com/vuln-detail/SN…	x_refsource_CONFIRM
	http://packetstormsecurity.com/files/154176/Pulse…	x_refsource_MISC
	https://badpackets.net/over-14500-pulse-secure-vp…	x_refsource_MISC
	http://packetstormsecurity.com/files/154231/Pulse…	x_refsource_MISC
	https://i.blackhat.com/USA-19/Wednesday/us-19-Tsa…	x_refsource_MISC
	https://devco.re/blog/2019/09/02/attacking-ssl-vp…	x_refsource_MISC
	https://lists.apache.org/thread.html/ff5fa1837b6b…	mailing-listx_refsource_MLIST
	https://www.kb.cert.org/vuls/id/927237	third-party-advisoryx_refsource_CERT-VN

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:55:40.694Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://kb.pulsesecure.net/?atype=sa"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101/"
          },
          {
            "name": "108073",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108073"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0010"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/154176/Pulse-Secure-SSL-VPN-8.1R15.1-8.2-8.3-9.0-Arbitrary-File-Disclosure.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://badpackets.net/over-14500-pulse-secure-vpn-endpoints-vulnerable-to-cve-2019-11510/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/154231/Pulse-Secure-SSL-VPN-File-Disclosure-NSE.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://i.blackhat.com/USA-19/Wednesday/us-19-Tsai-Infiltrating-Corporate-Intranet-Like-NSA.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://devco.re/blog/2019/09/02/attacking-ssl-vpn-part-3-the-golden-Pulse-Secure-ssl-vpn-rce-chain-with-Twitter-as-case-study/"
          },
          {
            "name": "[guacamole-user] 20190912 Re: [Guacamole hack attack?]",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/ff5fa1837b6bd1b24d18a42faa75e165a4573dbe2d434910c15fd08a%40%3Cuser.guacamole.apache.org%3E"
          },
          {
            "name": "VU#927237",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "https://www.kb.cert.org/vuls/id/927237"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-11510",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-03T16:16:21.996263Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2021-11-03",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-11510"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-22",
                "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-21T23:45:37.755Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-11510"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2021-11-03T00:00:00.000Z",
            "value": "CVE-2019-11510 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In Pulse Secure Pulse Connect Secure (PCS) 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an unauthenticated remote attacker can send a specially crafted URI to perform an arbitrary file reading vulnerability ."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.9,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AC:L/AV:N/A:H/C:H/I:H/PR:L/S:C/UI:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-10-16T17:06:17.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://kb.pulsesecure.net/?atype=sa"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101/"
        },
        {
          "name": "108073",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108073"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0010"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/154176/Pulse-Secure-SSL-VPN-8.1R15.1-8.2-8.3-9.0-Arbitrary-File-Disclosure.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://badpackets.net/over-14500-pulse-secure-vpn-endpoints-vulnerable-to-cve-2019-11510/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/154231/Pulse-Secure-SSL-VPN-File-Disclosure-NSE.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://i.blackhat.com/USA-19/Wednesday/us-19-Tsai-Infiltrating-Corporate-Intranet-Like-NSA.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://devco.re/blog/2019/09/02/attacking-ssl-vpn-part-3-the-golden-Pulse-Secure-ssl-vpn-rce-chain-with-Twitter-as-case-study/"
        },
        {
          "name": "[guacamole-user] 20190912 Re: [Guacamole hack attack?]",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/ff5fa1837b6bd1b24d18a42faa75e165a4573dbe2d434910c15fd08a%40%3Cuser.guacamole.apache.org%3E"
        },
        {
          "name": "VU#927237",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "https://www.kb.cert.org/vuls/id/927237"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-11510",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In Pulse Secure Pulse Connect Secure (PCS) 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an unauthenticated remote attacker can send a specially crafted URI to perform an arbitrary file reading vulnerability ."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AC:L/AV:N/A:H/C:H/I:H/PR:L/S:C/UI:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.pulsesecure.net/?atype=sa",
              "refsource": "MISC",
              "url": "https://kb.pulsesecure.net/?atype=sa"
            },
            {
              "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101/",
              "refsource": "CONFIRM",
              "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101/"
            },
            {
              "name": "108073",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108073"
            },
            {
              "name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0010",
              "refsource": "CONFIRM",
              "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0010"
            },
            {
              "name": "http://packetstormsecurity.com/files/154176/Pulse-Secure-SSL-VPN-8.1R15.1-8.2-8.3-9.0-Arbitrary-File-Disclosure.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/154176/Pulse-Secure-SSL-VPN-8.1R15.1-8.2-8.3-9.0-Arbitrary-File-Disclosure.html"
            },
            {
              "name": "https://badpackets.net/over-14500-pulse-secure-vpn-endpoints-vulnerable-to-cve-2019-11510/",
              "refsource": "MISC",
              "url": "https://badpackets.net/over-14500-pulse-secure-vpn-endpoints-vulnerable-to-cve-2019-11510/"
            },
            {
              "name": "http://packetstormsecurity.com/files/154231/Pulse-Secure-SSL-VPN-File-Disclosure-NSE.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/154231/Pulse-Secure-SSL-VPN-File-Disclosure-NSE.html"
            },
            {
              "name": "https://i.blackhat.com/USA-19/Wednesday/us-19-Tsai-Infiltrating-Corporate-Intranet-Like-NSA.pdf",
              "refsource": "MISC",
              "url": "https://i.blackhat.com/USA-19/Wednesday/us-19-Tsai-Infiltrating-Corporate-Intranet-Like-NSA.pdf"
            },
            {
              "name": "https://devco.re/blog/2019/09/02/attacking-ssl-vpn-part-3-the-golden-Pulse-Secure-ssl-vpn-rce-chain-with-Twitter-as-case-study/",
              "refsource": "MISC",
              "url": "https://devco.re/blog/2019/09/02/attacking-ssl-vpn-part-3-the-golden-Pulse-Secure-ssl-vpn-rce-chain-with-Twitter-as-case-study/"
            },
            {
              "name": "[guacamole-user] 20190912 Re: [Guacamole hack attack?]",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/ff5fa1837b6bd1b24d18a42faa75e165a4573dbe2d434910c15fd08a@%3Cuser.guacamole.apache.org%3E"
            },
            {
              "name": "VU#927237",
              "refsource": "CERT-VN",
              "url": "https://www.kb.cert.org/vuls/id/927237"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-11510",
    "datePublished": "2019-05-08T16:18:28.000Z",
    "dateReserved": "2019-04-24T00:00:00.000Z",
    "dateUpdated": "2025-10-21T23:45:37.755Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

BDU:2019-02980

CVE-2019-11510 (GCVE-0-2019-11510)

Tags

Sightings

Nomenclature