7.7
CVE-2019-11538
- EPSS 4.59%
- Veröffentlicht 26.04.2019 02:29:00
- Zuletzt bearbeitet 21.11.2024 04:21:17
- Quelle cve@mitre.org
- Teams Watchlist Login
- Unerledigt Login
In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.2RX before 8.2R12.1, and 8.1RX before 8.1R15.1, an NFS problem could allow an authenticated attacker to access the contents of arbitrary files on the affected device.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ivanti ≫ Connect Secure Version8.1 Updater1.0
Ivanti ≫ Connect Secure Version8.1 Updater1.1
Ivanti ≫ Connect Secure Version8.1 Updater10.0
Ivanti ≫ Connect Secure Version8.1 Updater11.0
Ivanti ≫ Connect Secure Version8.1 Updater11.1
Ivanti ≫ Connect Secure Version8.1 Updater12.0
Ivanti ≫ Connect Secure Version8.1 Updater12.1
Ivanti ≫ Connect Secure Version8.1 Updater13.0
Ivanti ≫ Connect Secure Version8.1 Updater14.0
Ivanti ≫ Connect Secure Version8.1 Updater2.0
Ivanti ≫ Connect Secure Version8.1 Updater2.1
Ivanti ≫ Connect Secure Version8.1 Updater3.0
Ivanti ≫ Connect Secure Version8.1 Updater3.1
Ivanti ≫ Connect Secure Version8.1 Updater3.2
Ivanti ≫ Connect Secure Version8.1 Updater4.0
Ivanti ≫ Connect Secure Version8.1 Updater4.1
Ivanti ≫ Connect Secure Version8.1 Updater5.0
Ivanti ≫ Connect Secure Version8.1 Updater6.0
Ivanti ≫ Connect Secure Version8.1 Updater7.0
Ivanti ≫ Connect Secure Version8.1 Updater8.0
Ivanti ≫ Connect Secure Version8.1 Updater9.0
Ivanti ≫ Connect Secure Version8.1 Updater9.1
Ivanti ≫ Connect Secure Version8.1 Updater9.2
Ivanti ≫ Connect Secure Version8.2 Updater1.0
Ivanti ≫ Connect Secure Version8.2 Updater1.1
Ivanti ≫ Connect Secure Version8.2 Updater10.0
Ivanti ≫ Connect Secure Version8.2 Updater11.0
Ivanti ≫ Connect Secure Version8.2 Updater12.0
Ivanti ≫ Connect Secure Version8.2 Updater2.0
Ivanti ≫ Connect Secure Version8.2 Updater3.0
Ivanti ≫ Connect Secure Version8.2 Updater3.1
Ivanti ≫ Connect Secure Version8.2 Updater4.0
Ivanti ≫ Connect Secure Version8.2 Updater4.1
Ivanti ≫ Connect Secure Version8.2 Updater5.0
Ivanti ≫ Connect Secure Version8.2 Updater5.1
Ivanti ≫ Connect Secure Version8.2 Updater6.0
Ivanti ≫ Connect Secure Version8.2 Updater7.0
Ivanti ≫ Connect Secure Version8.2 Updater7.1
Ivanti ≫ Connect Secure Version8.2 Updater7.2
Ivanti ≫ Connect Secure Version8.2 Updater8.0
Ivanti ≫ Connect Secure Version8.2 Updater8.1
Ivanti ≫ Connect Secure Version8.2 Updater8.2
Ivanti ≫ Connect Secure Version8.2 Updater9.0
Ivanti ≫ Connect Secure Version8.3 Updater1
Ivanti ≫ Connect Secure Version8.3 Updater2
Ivanti ≫ Connect Secure Version8.3 Updater2.1
Ivanti ≫ Connect Secure Version8.3 Updater3
Ivanti ≫ Connect Secure Version8.3 Updater4
Ivanti ≫ Connect Secure Version8.3 Updater5
Ivanti ≫ Connect Secure Version8.3 Updater5.1
Ivanti ≫ Connect Secure Version8.3 Updater5.2
Ivanti ≫ Connect Secure Version8.3 Updater6
Ivanti ≫ Connect Secure Version8.3 Updater6.1
Ivanti ≫ Connect Secure Version9.0 Updater1
Ivanti ≫ Connect Secure Version9.0 Updater2
Ivanti ≫ Connect Secure Version9.0 Updater2.1
Ivanti ≫ Connect Secure Version9.0 Updater3
Ivanti ≫ Connect Secure Version9.0 Updater3.1
Ivanti ≫ Connect Secure Version9.0 Updater3.2
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 4.59% | 0.888 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.7 | 3.1 | 4 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
|
| nvd@nist.gov | 4 | 8 | 2.9 |
AV:N/AC:L/Au:S/C:P/I:N/A:N
|
| cve@mitre.org | 7.7 | 3.1 | 4 |
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
|
CWE-59 Improper Link Resolution Before File Access ('Link Following')
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.