Vulnerabilities > Pulsesecure

DATE	CVE	VULNERABILITY TITLE	RISK
2017-07-12	CVE-2017-11195	Cross-site Scripting vulnerability in Pulsesecure Pulse Connect Secure 8.3R1.0 Pulse Connect Secure 8.3R1 has Reflected XSS in launchHelp.cgi. network low complexity pulsesecure CWE-79	6.1
2017-07-12	CVE-2017-11194	Cross-site Scripting vulnerability in Pulsesecure Pulse Connect Secure 8.3R1.0 Pulse Connect Secure 8.3R1 has Reflected XSS in adminservercacertdetails.cgi. network low complexity pulsesecure CWE-79	6.1
2017-07-12	CVE-2017-11193	Cross-Site Request Forgery (CSRF) vulnerability in Pulsesecure Pulse Connect Secure 8.3R1.0 Pulse Connect Secure 8.3R1 has CSRF in diag.cgi. network low complexity pulsesecure CWE-352	8.8
2016-08-02	CVE-2016-2408	Permissions, Privileges, and Access Controls vulnerability in Pulsesecure products Pulse Secure Desktop before 5.2R2 and Pulse Secure Installer Service before 8.2R2 and below for Windows allow restricted users to gain privileges via unspecified vectors. local low complexity pulsesecure CWE-264	7.8
2016-05-26	CVE-2016-4791	The administrative user interface in Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r9, and 7.4 before 7.4r13.4 allows remote administrators to enumerate files, read arbitrary files, and conduct server side request forgery (SSRF) attacks via unspecified vectors. network low complexity pulsesecure ivanti	8.6
2016-05-26	CVE-2016-4790	Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in the administrative user interface in Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r9, and 7.4 before 7.4r13.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. network low complexity pulsesecure ivanti CWE-79	5.5
2016-05-26	CVE-2016-4789	Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in the system configuration section in the administrative user interface in Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r9, and 7.4 before 7.4r13.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. network low complexity pulsesecure ivanti CWE-79	6.1
2016-05-26	CVE-2016-4788	Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r10, and 7.4 before 7.4r13.4 allow remote attackers to read an unspecified system file via unknown vectors. network low complexity ivanti pulsesecure	5.8
2016-05-26	CVE-2016-4787	Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r10, and 7.4 before 7.4r13.4 allow remote attackers to read sensitive system authentication files in an unspecified directory via unknown vectors. network low complexity ivanti pulsesecure critical	10.0
2016-05-26	CVE-2016-4786	Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r3, 8.0 before 8.0r11, and 7.4 before 7.4r13.4 allow remote attackers to cause a denial of service (CPU consumption) via unspecified vectors. network low complexity pulsesecure ivanti	7.5

Vulnerabilities > Pulsesecure {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Pulsesecure"}]}

Vulnerabilities > Pulsesecure