Strike ID:
E19-7nx21
CVSS:
7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
False Positive:
t
Variants:
2
Year:
2019

Description

This strike simulates an attack on Pulse Connect Secure versions prior to 8.1 R15.1, 8.2 before 8.2 R12.1, 8.3 before 8.3 R7.1, and 9.0 before 9.0 R3.4. The flaw takes advantage of a directory traversal vulnerability and allows remote unauthenticated attackers to read arbitrary files residing on the host system.

CVE

References

MSB

BID

ExploitDB

Secunia

Security Tracker

Metasploit

ZDI

Google

OSVDB

{}