CVE-2019-11539

Опубликовано: 26 апр. 2019

Источник: nvd

CVSS3: 8

CVSS3: 7.2

CVSS2: 6.5

EPSS Критический

Описание

In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.2RX before 8.2R12.1, and 8.1RX before 8.1R15.1 and Pulse Policy Secure version 9.0RX before 9.0R3.2, 5.4RX before 5.4R7.1, 5.3RX before 5.3R12.1, 5.2RX before 5.2R12.1, and 5.1RX before 5.1R15.1, the admin web interface allows an authenticated attacker to inject and execute commands.

Ссылки

http://packetstormsecurity.com/files/154376/Pulse-Secure-8.1R15.1-8.2-8.3-9.0-SSL-VPN-Remote-Code-Execution.html
Third Party Advisory
VDB Entry
http://packetstormsecurity.com/files/155277/Pulse-Secure-VPN-Arbitrary-Command-Execution.html
Third Party Advisory
VDB Entry
http://packetstormsecurity.com/files/162092/Pulse-Secure-VPN-Arbitrary-Command-Execution.html
Broken Link
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/108073
Broken Link
Third Party Advisory
VDB Entry
https://devco.re/blog/2019/09/02/attacking-ssl-vpn-part-3-the-golden-Pulse-Secure-ssl-vpn-rce-chain-with-Twitter-as-case-study/
Exploit
Third Party Advisory
https://i.blackhat.com/USA-19/Wednesday/us-19-Tsai-Infiltrating-Corporate-Intranet-Like-NSA.pdf
Exploit
Third Party Advisory
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101
Third Party Advisory
Vendor Advisory
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0010
Third Party Advisory
https://www.kb.cert.org/vuls/id/927237
Third Party Advisory
US Government Resource
http://packetstormsecurity.com/files/154376/Pulse-Secure-8.1R15.1-8.2-8.3-9.0-SSL-VPN-Remote-Code-Execution.html
Third Party Advisory
VDB Entry
http://packetstormsecurity.com/files/155277/Pulse-Secure-VPN-Arbitrary-Command-Execution.html
Third Party Advisory
VDB Entry
http://packetstormsecurity.com/files/162092/Pulse-Secure-VPN-Arbitrary-Command-Execution.html
Broken Link
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/108073
Broken Link
Third Party Advisory
VDB Entry
https://devco.re/blog/2019/09/02/attacking-ssl-vpn-part-3-the-golden-Pulse-Secure-ssl-vpn-rce-chain-with-Twitter-as-case-study/
Exploit
Third Party Advisory
https://i.blackhat.com/USA-19/Wednesday/us-19-Tsai-Infiltrating-Corporate-Intranet-Like-NSA.pdf
Exploit
Third Party Advisory
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101
Third Party Advisory
Vendor Advisory
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0010
Third Party Advisory
https://www.kb.cert.org/vuls/id/927237
Third Party Advisory
US Government Resource
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-11539
US Government Resource

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ivanti:connect_secure:8.1:-:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.1:r1.0:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.1:r1.1:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.1:r10.0:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.1:r11.0:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.1:r11.1:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.1:r12.0:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.1:r12.1:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.1:r13.0:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.1:r14.0:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.1:r2.0:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.1:r2.1:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.1:r3.0:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.1:r3.1:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.1:r3.2:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.1:r4.0:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.1:r4.1:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.1:r5.0:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.1:r6.0:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.1:r7:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.1:r7.0:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.1:r8.0:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.1:r9.0:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.1:r9.1:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.1:r9.2:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.2:*:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.2:r1:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.2:r1.0:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.2:r1.1:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.2:r10.0:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.2:r11.0:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.2:r12.0:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.2:r2.0:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.2:r3.0:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.2:r3.1:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.2:r4.0:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.2:r4.1:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.2:r5.0:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.2:r5.1:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.2:r6.0:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.2:r7.0:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.2:r7.1:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.2:r7.2:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.2:r8.0:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.2:r8.1:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.2:r8.2:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.2:r9.0:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.3:-:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.3:r1:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.3:r1.1:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.3:r2:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.3:r2.1:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.3:r3:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.3:r4:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.3:r5:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.3:r5.1:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.3:r5.2:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.3:r6:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.3:r6.1:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:8.3:r7:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:9.0:r1:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:9.0:r2:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:9.0:r2.1:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:9.0:r3:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:9.0:r3.1:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:9.0:r3.2:*:*:*:*:*:*

cpe:2.3:a:ivanti:connect_secure:9.0:r3.3:*:*:*:*:*:*

cpe:2.3:a:ivanti:policy_secure:9.0:r1:*:*:*:*:*:*

cpe:2.3:a:ivanti:policy_secure:9.0:r2:*:*:*:*:*:*

cpe:2.3:a:ivanti:policy_secure:9.0:r2.1:*:*:*:*:*:*

cpe:2.3:a:ivanti:policy_secure:9.0:r3:*:*:*:*:*:*

cpe:2.3:a:ivanti:policy_secure:9.0:r3.1:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.1r1.0:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.1r1.1:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.1r2.0:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.1r2.1:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.1r3.0:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.1r3.2:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.1r4.0:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.1r5.0:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.1r6.0:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.1r7.0:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.1r8.0:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.1r9.0:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.1r9.1:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.1r10.0:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.1r11.0:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.1r11.1:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.1r12.0:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.1r12.1:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.1r13.0:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.1r14.0:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2r1.0:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2r2.0:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2r3.0:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2r3.2:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2r4.0:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2r5.0:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2r6.0:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2r7.0:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2r7.1:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2r8.0:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2r9.0:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2r9.1:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2r10.0:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2r11.0:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.2rx:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.3r1.0:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.3r1.1:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.3r2.0:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.3r3.0:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.3r3.1:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.3r4.0:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.3r4.1:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.3r5.0:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.3r5.1:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.3r5.2:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.3r6.0:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.3r7.0:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.3r8.0:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.3r8.1:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.3r8.2:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.3r9.0:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.3r10.:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.3r11.0:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.3r12.0:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.3rx:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.4r1:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.4r2:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.4r2.1:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.4r3:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.4r4:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.4r5:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.4r5.2:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.4r6:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.4r6.1:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.4r7:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_policy_secure:5.4rx:*:*:*:*:*:*:*

EPSS

Процентиль: 100%

0.93911

Критический

8 High

CVSS3

7.2 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-78

Связанные уязвимости

GHSA-mchx-p635-vpq8

CVSS3: 7.2

github

больше 3 лет назад

BDU:2023-00990

CVSS3: 8

fstec

почти 7 лет назад

Уязвимость веб-интерфейса администрирования VPN-шлюза корпоративных сетей Pulse Connect Secure, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 100%

0.93911

Критический

8 High

CVSS3

7.2 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-78