Vulnerabilities > CVE-2018-5299 - Out-of-bounds Write vulnerability in Pulsesecure Pulse Connect Secure and Pulse Policy Secure

047910
CVSS 9.8 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
pulsesecure
CWE-787
critical

Summary

A stack-based Buffer Overflow Vulnerability exists in the web server in Pulse Secure Pulse Connect Secure (PCS) before 8.3R4 and Pulse Policy Secure (PPS) before 5.4R4, leading to memory corruption and possibly remote code execution.

Common Weakness Enumeration (CWE)