CVE-2019-11509
Published: 2019-06-03
Priority: P260 · high · 8.8 (CVSS 3.1)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS: 7.82% (93.9th percentile)
In Pulse Secure Pulse Connect Secure (PCS) before 8.1R15.1, 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4 and Pulse Policy Secure (PPS) before 5.1R15.1, 5.2 before 5.2R12.1, 5.3 before 5.3R15.1, 5.4 before 5.4R7.1, and 9.0 before 9.0R3.2, an authenticated attacker (via the admin web interface) can exploit Incorrect Access Control to execute arbitrary code on the appliance.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ivanti | connect_secure | — | — |
| ivanti | connect_secure | — | — |
| ivanti | connect_secure | — | — |
| ivanti | connect_secure | — | — |
| ivanti | policy_secure | — | — |
| pulsesecure | pulse_policy_secure | — | — |
| pulsesecure | pulse_policy_secure | — | — |
Detection & IOCs (extracted from sources)
- Exploit requires authentication via the admin web interface; monitor for authenticated admin sessions followed by unexpected code execution on Pulse Connect Secure or Pulse Policy Secure appliances
- Pulse Connect Secure (PCS) versions before 8.1R15.1, 8.2R12.1, 8.3R7.1, and 9.0R3.4 are vulnerable
- Pulse Policy Secure (PPS) versions before 5.1R15.1, 5.2R12.1, 5.3R15.1, 5.4R7.1, and 9.0R3.2 are vulnerable
CVSS provenance
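| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 6.5 | MEDIUM | AV:N/AC:L/Au:S/C:P/I:P/A:P |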
GHSA
GHSA-f2cx-w4q6-4qq4: In Pulse Secure Pulse Connect Secure (PCS) before 8
ghsa_unreviewed · 2022-05-24
Ivanti
Ivanti Security Advisory: CVE-2019-11509
vendor_ivanti · 2019-06-03 · CVSS 8.8
CVE IDs: CVE-2019-11509
CVSS Base Score: 8.8
Severity: HIGH
No detection rules found.
No public exploits indexed.
Published: 2019-06-03