CVE-2016-4788 — Ivanti Connect Secure vulnerability

3 documents3 sources

Severity

5.8MEDIUMNVD

EPSS

0.2%

top 56.19%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Ivanti Connect Secure Pulsesecure Pulse Connect Secure

Timeline

PublishedMay 26

Latest updateMay 13

Description

Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r10, and 7.4 before 7.4r13.4 allow remote attackers to read an unspecified system file via unknown vectors.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

▶NVDpulsesecure/pulse_connect_secure7.4, 8.1r1.0+1

▶NVDivanti/connect_secure8.0, 8.1, 8.2+2

🔴Vulnerability Details

GHSA

GHSA-2356-j4rx-w3fx: Pulse Connect Secure (PCS) 8↗2022-05-13

▶

CVEList

CVE-2016-4788: Pulse Connect Secure (PCS) 8↗2016-05-26

▶