Vulnerabilities > CVE-2016-4791

CVSS 8.6 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

NONE

network

low complexity

pulsesecure

ivanti

NVD

Published: 2016-05-26

Updated: 2024-02-27

Summary

The administrative user interface in Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r9, and 7.4 before 7.4r13.4 allows remote administrators to enumerate files, read arbitrary files, and conduct server side request forgery (SSRF) attacks via unspecified vectors.

Vulnerable Configurations

Part	Description	Count
Application	Pulsesecure Pulsesecure Pulse Connect Secure 8.1R1.0 Pulsesecure Pulse Connect Secure 7.4	2
Application	Ivanti Ivanti Connect Secure 8.1 Ivanti Connect Secure 8.2 Ivanti Connect Secure 8.0	3

References

http://www.securitytracker.com/id/1035932
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40210

Vulnerabilities > CVE-2016-4791 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2016-4791"}]}

Summary

Vulnerable Configurations

References

Vulnerabilities > CVE-2016-4791