CVE-2019-11213
Published 2019-04-12
Priority P347 · high · 8.1 (CVSS 3.0)
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 2.82% (84.8th percentile)
In Pulse Secure Pulse Desktop Client and Network Connect, an attacker could access session tokens to replay and spoof sessions, and as a result, gain unauthorized access as an end user, a related issue to CVE-2019-1573. (The endpoint would need to be already compromised for exploitation to succeed.) This affects Pulse Desktop Client 5.x before Secure Desktop 5.3R7 and Pulse Desktop Client 9.x before Secure Desktop 9.0R3. It also affects (for Network Connect customers) Pulse Connect Secure 8.1 before 8.1R14, 8.3 before 8.3R7, and 9.0 before 9.0R3.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ivanti | connect_secure | >= 9.0r1 < 9.0r3 | 9.0r3 |
| pulsesecure | pulse_connect_secure | 8.1r1.0 – 8.1r14.0 | — |
| pulsesecure | pulse_connect_secure | >= 8.3r1 < 8.3r7 | 8.3r7 |
| pulsesecure | pulse_secure_desktop_client | >= 5.0r1.0 < 5.3r7 | 5.3r7 |
| pulsesecure | pulse_secure_desktop_client | >= 9.0r1 < 9.0r3 | 9.0r3 |
CVSS provenance
nvd · v3.0 · 8.1 HIGH · CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd · v2.0 · 6.8 MEDIUM · AV:N/AC:M/Au:N/C:P/I:P/A:P
GHSA
GHSA-q822-4vp5-26qj: In Pulse Secure Pulse Desktop Client and Network Connect, an attacker could access session tokens to replay and spoof sessions, and as a result, gain
ghsa_unreviewed·2022-05-13·CVSS 2.5
CVE-2019-11213 [LOW] CWE-384 GHSA-q822-4vp5-26qj
Ivanti
Ivanti Security Advisory: CVE-2019-11213
vendor_ivanti·2019-04-12·CVSS 8.1
CVE-2019-11213 [HIGH] CWE-384
CVE IDs: CVE-2019-11213
CVSS Base Score: 8.1
Severity: HIGH
CWEs: CWE-384
No detection rules found.
No public exploits indexed.
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44114
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44114/
https://www.kb.cert.org/vuls/id/192371
Published: 2019-04-12