Vulnerabilities > Ivanti > Medium

DATE CVE VULNERABILITY TITLE RISK
2016-05-26 CVE-2016-4792 Unspecified vulnerability in Ivanti Connect Secure 8.2
Pulse Connect Secure (PCS) 8.2 before 8.2r1 allows remote attackers to disclose sign in pages via unspecified vectors.
network
low complexity
ivanti
5.3
5.3
2016-05-26 CVE-2016-4790 Cross-site Scripting vulnerability in multiple products
Cross-site scripting (XSS) vulnerability in the administrative user interface in Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r9, and 7.4 before 7.4r13.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
low complexity
pulsesecure ivanti CWE-79
5.5
5.5
2016-05-26 CVE-2016-4789 Cross-site Scripting vulnerability in multiple products
Cross-site scripting (XSS) vulnerability in the system configuration section in the administrative user interface in Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r9, and 7.4 before 7.4r13.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
low complexity
pulsesecure ivanti CWE-79
6.1
6.1
2016-05-26 CVE-2016-4788 Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r10, and 7.4 before 7.4r13.4 allow remote attackers to read an unspecified system file via unknown vectors.
network
low complexity
ivanti pulsesecure
5.8
5.8