CVE-2018-20812 (GCVE-0-2018-20812)

Vulnerability from cvelistv5 – Published: 2019-03-16 03:00 – Updated: 2024-09-16 20:03
VLAI
Summary
An information exposure issue where IPv6 DNS traffic would be sent outside of the VPN tunnel (when Traffic Enforcement was enabled) exists in Pulse Secure Pulse Secure Desktop 9.0R1 and below. This is applicable only to dual-stack (IPv4/IPv6) endpoints.
CWE
  • n/a
Assigner
References
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T12:12:27.153Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43877/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An information exposure issue where IPv6 DNS traffic would be sent outside of the VPN tunnel (when Traffic Enforcement was enabled) exists in Pulse Secure Pulse Secure Desktop 9.0R1 and below. This is applicable only to dual-stack (IPv4/IPv6) endpoints."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-03-16T03:00:00.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43877/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-20812",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An information exposure issue where IPv6 DNS traffic would be sent outside of the VPN tunnel (when Traffic Enforcement was enabled) exists in Pulse Secure Pulse Secure Desktop 9.0R1 and below. This is applicable only to dual-stack (IPv4/IPv6) endpoints."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43877/",
              "refsource": "CONFIRM",
              "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43877/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-20812",
    "datePublished": "2019-03-16T03:00:00.000Z",
    "dateReserved": "2019-03-15T00:00:00.000Z",
    "dateUpdated": "2024-09-16T20:03:39.172Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2018-20812",
      "date": "2026-07-12",
      "epss": "0.01111",
      "percentile": "0.6209"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:4.0:r1.0:*:*:*:mac_os_x:*:*\", \"matchCriteriaId\": \"F6FEAC7A-DC46-4334-B631-BB5DDD28D7EB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:4.0:r10.0:*:*:*:mac_os_x:*:*\", \"matchCriteriaId\": \"478845B1-EB76-4E26-BC63-983FD0C81302\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:4.0:r11.0:*:*:*:mac_os_x:*:*\", \"matchCriteriaId\": \"5888F242-DD03-4452-A16D-63AE9F2F3C93\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:4.0:r11.1:*:*:*:mac_os_x:*:*\", \"matchCriteriaId\": \"8AD8B7C8-5BBB-421A-A4D3-CD8E6BA2FD6D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:4.0:r12.0:*:*:*:mac_os_x:*:*\", \"matchCriteriaId\": \"5EF0D642-D3CC-43D6-8C3B-DEF74598B849\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:4.0:r13.0:*:*:*:mac_os_x:*:*\", \"matchCriteriaId\": \"4E2DD454-6B88-4831-84C8-5C220D4B2535\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:4.0:r2.0:*:*:*:mac_os_x:*:*\", \"matchCriteriaId\": \"2CA76304-E77F-40FB-94AE-7FAB05E8898D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:4.0:r3.0:*:*:*:mac_os_x:*:*\", \"matchCriteriaId\": \"0B96B4E1-B80C-4D71-A7CF-8465A1B9EE84\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:4.0:r4.0:*:*:*:mac_os_x:*:*\", \"matchCriteriaId\": \"733ACB57-E4B2-4E2E-A21D-E007FA118327\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:4.0:r5.0:*:*:*:mac_os_x:*:*\", \"matchCriteriaId\": \"3154F445-7DE0-4E14-8F4F-291B12AC49E5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:4.0:r6.0:*:*:*:mac_os_x:*:*\", \"matchCriteriaId\": \"6E5E8C37-B618-4E2C-AAB7-8A417BCB10B6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:4.0:r7.0:*:*:*:mac_os_x:*:*\", \"matchCriteriaId\": \"E7D60E02-F823-4898-A7F8-76763192115F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:4.0:r8.0:*:*:*:mac_os_x:*:*\", \"matchCriteriaId\": \"8D7BF91F-67EA-4F22-9A72-455E89C9EF63\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:4.0:r9.0:*:*:*:mac_os_x:*:*\", \"matchCriteriaId\": \"BC88C4B6-763E-4BD2-8F4A-A1BD10EF789B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:4.0:r9.1:*:*:*:mac_os_x:*:*\", \"matchCriteriaId\": \"2C6939F9-1822-43A2-8603-75E64D445CAB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:4.0:r9.2:*:*:*:mac_os_x:*:*\", \"matchCriteriaId\": \"A24A6C6D-432A-4883-A208-AC2EA1704977\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r1.0:*:*:*:macos:*:*\", \"matchCriteriaId\": \"053DFC37-B75B-410B-8C8F-29B2F05B3A36\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r1.1:*:*:*:macos:*:*\", \"matchCriteriaId\": \"E7720FB6-CE48-4BC2-A9BF-FC6584F2E859\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r10.0:*:*:*:macos:*:*\", \"matchCriteriaId\": \"AA15F6D3-5768-4246-B299-3DB71B22DCB4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r11.0:*:*:*:macos:*:*\", \"matchCriteriaId\": \"220B3F40-7087-4DDE-B9BC-C7C30A37BDA3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r11.1:*:*:*:macos:*:*\", \"matchCriteriaId\": \"9C8FA812-6F71-4397-980A-AE1E215F8B49\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r12.0:*:*:*:macos:*:*\", \"matchCriteriaId\": \"4EB94E2D-8601-4107-9294-57359FD80382\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r13.0:*:*:*:macos:*:*\", \"matchCriteriaId\": \"BCFDE7A5-545B-4993-B01E-B658C27D39BA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r14.0:*:*:*:macos:*:*\", \"matchCriteriaId\": \"6A61B224-89FB-4493-87D6-284ABDB0B168\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r2.0:*:*:*:macos:*:*\", \"matchCriteriaId\": \"0E870F9B-80CF-4750-9AD6-05102B212179\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r3.0:*:*:*:macos:*:*\", \"matchCriteriaId\": \"193FD9D7-0EE6-44FE-9D52-1F73BF3F09F8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r3.1:*:*:*:macos:*:*\", \"matchCriteriaId\": \"DBFFF1C0-97D1-448F-B61B-9DEA7A0B6F0B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r4.0:*:*:*:macos:*:*\", \"matchCriteriaId\": \"3C0A57F1-4C29-4A2F-A07D-E0F1CAB49AA0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r5.1:*:*:*:macos:*:*\", \"matchCriteriaId\": \"C07FA018-8BA9-4EB6-AED4-71BD041BB17C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r6.0:*:*:*:macos:*:*\", \"matchCriteriaId\": \"70891236-B587-429C-8662-17C89FBC5A15\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r7.0:*:*:*:macos:*:*\", \"matchCriteriaId\": \"30A98DE4-A9FB-459B-B9C9-82B39755D202\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r8.0:*:*:*:macos:*:*\", \"matchCriteriaId\": \"71DD19B3-19E8-4370-AE16-2768BF99AD5D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r9.0:*:*:*:macos:*:*\", \"matchCriteriaId\": \"F9593E2D-37E8-441A-8DD0-B54D7F7450EE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r9.1:*:*:*:macos:*:*\", \"matchCriteriaId\": \"41B3306E-DF2E-4290-9CEF-B390EAEF1613\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1r:3.2:*:*:*:macos:*:*\", \"matchCriteriaId\": \"10EA7C78-01D5-4FD5-BED9-9BE2ED6CFB62\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1r:5.0:*:*:*:macos:*:*\", \"matchCriteriaId\": \"F3630DC6-E573-464E-8998-CAED241C66A7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.3:r1:*:*:*:macos:*:*\", \"matchCriteriaId\": \"05F11D9B-5D48-4458-A538-000E514ADB07\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.3:r1.1:*:*:*:macos:*:*\", \"matchCriteriaId\": \"24DEA646-6F9A-4A34-9FC3-2BD4044FE49D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.3:r2:*:*:*:macos:*:*\", \"matchCriteriaId\": \"8D173E98-823F-42B7-8175-5D1530B2C4A0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.3:r3:*:*:*:macos:*:*\", \"matchCriteriaId\": \"6E18D76D-36C3-47E4-A510-1E0D14C9FDFE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.3:r4:*:*:*:macos:*:*\", \"matchCriteriaId\": \"477BE870-ED64-4B86-9379-27BEC443FDF9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.3:r4.1:*:*:*:macos:*:*\", \"matchCriteriaId\": \"F6F67A14-544D-4613-A016-C538ABA61051\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.3:r4.2:*:*:*:macos:*:*\", \"matchCriteriaId\": \"42808ADA-F28D-4861-AA02-457D355F5959\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.3:r5:*:*:*:macos:*:*\", \"matchCriteriaId\": \"B8596020-8A36-441F-BC49-97AEF89E2320\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.3:r5.2:*:*:*:macos:*:*\", \"matchCriteriaId\": \"314B227A-A368-40D8-98C2-17C771ABDA08\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.3:r6:*:*:*:macos:*:*\", \"matchCriteriaId\": \"306CC768-4C7A-443E-9193-423B9269CF0C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.3:r7:*:*:*:macos:*:*\", \"matchCriteriaId\": \"3A33BEE3-3BA3-47B8-A71D-F1AAD153E798\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:9.0:r1:*:*:*:macos:*:*\", \"matchCriteriaId\": \"9EF60FD2-060C-456D-A737-E27097C2F021\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:9.0:r2:*:*:*:macos:*:*\", \"matchCriteriaId\": \"01FF161B-A5D0-4F70-922F-D8BABEE1780F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:9.0:r2.1:*:*:*:macos:*:*\", \"matchCriteriaId\": \"D42A0430-607B-49E7-A7F5-2C7AD8F3ED9F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:9.0:r3:*:*:*:macos:*:*\", \"matchCriteriaId\": \"B8CA2E37-99C9-4E86-8808-04C7957CEEF0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:9.0:r3.2:*:*:*:macos:*:*\", \"matchCriteriaId\": \"2208338F-6193-41BA-AA5F-9F8F49576AC0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:9.0:r4:*:*:*:macos:*:*\", \"matchCriteriaId\": \"8200F10B-D6C9-49D9-BEBB-5174A5CF758A\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"An information exposure issue where IPv6 DNS traffic would be sent outside of the VPN tunnel (when Traffic Enforcement was enabled) exists in Pulse Secure Pulse Secure Desktop 9.0R1 and below. This is applicable only to dual-stack (IPv4/IPv6) endpoints.\"}, {\"lang\": \"es\", \"value\": \"Existe un problema de exposici\\u00f3n a la informaci\\u00f3n donde el tr\\u00e1fico DNS de IPv6 se enviar\\u00eda fuera del t\\u00fanel VPN (cuando se habilit\\u00f3 la aplicaci\\u00f3n de tr\\u00e1fico) en Pulse Secure Pulse Secure Desktop 9.0R1 e inferior. Esto se aplica solo a los puntos finales de doble pila (IPv4 / IPv6).\"}]",
      "id": "CVE-2018-20812",
      "lastModified": "2024-11-21T04:02:14.123",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:N/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2019-06-28T18:15:11.143",
      "references": "[{\"url\": \"https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43877/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43877/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-200\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2018-20812\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2019-06-28T18:15:11.143\",\"lastModified\":\"2024-11-21T04:02:14.123\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An information exposure issue where IPv6 DNS traffic would be sent outside of the VPN tunnel (when Traffic Enforcement was enabled) exists in Pulse Secure Pulse Secure Desktop 9.0R1 and below. This is applicable only to dual-stack (IPv4/IPv6) endpoints.\"},{\"lang\":\"es\",\"value\":\"Existe un problema de exposici\u00f3n a la informaci\u00f3n donde el tr\u00e1fico DNS de IPv6 se enviar\u00eda fuera del t\u00fanel VPN (cuando se habilit\u00f3 la aplicaci\u00f3n de tr\u00e1fico) en Pulse Secure Pulse Secure Desktop 9.0R1 e inferior. Esto se aplica solo a los puntos finales de doble pila (IPv4 / IPv6).\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:4.0:r1.0:*:*:*:mac_os_x:*:*\",\"matchCriteriaId\":\"F6FEAC7A-DC46-4334-B631-BB5DDD28D7EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:4.0:r10.0:*:*:*:mac_os_x:*:*\",\"matchCriteriaId\":\"478845B1-EB76-4E26-BC63-983FD0C81302\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:4.0:r11.0:*:*:*:mac_os_x:*:*\",\"matchCriteriaId\":\"5888F242-DD03-4452-A16D-63AE9F2F3C93\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:4.0:r11.1:*:*:*:mac_os_x:*:*\",\"matchCriteriaId\":\"8AD8B7C8-5BBB-421A-A4D3-CD8E6BA2FD6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:4.0:r12.0:*:*:*:mac_os_x:*:*\",\"matchCriteriaId\":\"5EF0D642-D3CC-43D6-8C3B-DEF74598B849\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:4.0:r13.0:*:*:*:mac_os_x:*:*\",\"matchCriteriaId\":\"4E2DD454-6B88-4831-84C8-5C220D4B2535\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:4.0:r2.0:*:*:*:mac_os_x:*:*\",\"matchCriteriaId\":\"2CA76304-E77F-40FB-94AE-7FAB05E8898D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:4.0:r3.0:*:*:*:mac_os_x:*:*\",\"matchCriteriaId\":\"0B96B4E1-B80C-4D71-A7CF-8465A1B9EE84\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:4.0:r4.0:*:*:*:mac_os_x:*:*\",\"matchCriteriaId\":\"733ACB57-E4B2-4E2E-A21D-E007FA118327\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:4.0:r5.0:*:*:*:mac_os_x:*:*\",\"matchCriteriaId\":\"3154F445-7DE0-4E14-8F4F-291B12AC49E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:4.0:r6.0:*:*:*:mac_os_x:*:*\",\"matchCriteriaId\":\"6E5E8C37-B618-4E2C-AAB7-8A417BCB10B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:4.0:r7.0:*:*:*:mac_os_x:*:*\",\"matchCriteriaId\":\"E7D60E02-F823-4898-A7F8-76763192115F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:4.0:r8.0:*:*:*:mac_os_x:*:*\",\"matchCriteriaId\":\"8D7BF91F-67EA-4F22-9A72-455E89C9EF63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:4.0:r9.0:*:*:*:mac_os_x:*:*\",\"matchCriteriaId\":\"BC88C4B6-763E-4BD2-8F4A-A1BD10EF789B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:4.0:r9.1:*:*:*:mac_os_x:*:*\",\"matchCriteriaId\":\"2C6939F9-1822-43A2-8603-75E64D445CAB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:4.0:r9.2:*:*:*:mac_os_x:*:*\",\"matchCriteriaId\":\"A24A6C6D-432A-4883-A208-AC2EA1704977\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r1.0:*:*:*:macos:*:*\",\"matchCriteriaId\":\"053DFC37-B75B-410B-8C8F-29B2F05B3A36\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r1.1:*:*:*:macos:*:*\",\"matchCriteriaId\":\"E7720FB6-CE48-4BC2-A9BF-FC6584F2E859\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r10.0:*:*:*:macos:*:*\",\"matchCriteriaId\":\"AA15F6D3-5768-4246-B299-3DB71B22DCB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r11.0:*:*:*:macos:*:*\",\"matchCriteriaId\":\"220B3F40-7087-4DDE-B9BC-C7C30A37BDA3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r11.1:*:*:*:macos:*:*\",\"matchCriteriaId\":\"9C8FA812-6F71-4397-980A-AE1E215F8B49\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r12.0:*:*:*:macos:*:*\",\"matchCriteriaId\":\"4EB94E2D-8601-4107-9294-57359FD80382\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r13.0:*:*:*:macos:*:*\",\"matchCriteriaId\":\"BCFDE7A5-545B-4993-B01E-B658C27D39BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r14.0:*:*:*:macos:*:*\",\"matchCriteriaId\":\"6A61B224-89FB-4493-87D6-284ABDB0B168\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r2.0:*:*:*:macos:*:*\",\"matchCriteriaId\":\"0E870F9B-80CF-4750-9AD6-05102B212179\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r3.0:*:*:*:macos:*:*\",\"matchCriteriaId\":\"193FD9D7-0EE6-44FE-9D52-1F73BF3F09F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r3.1:*:*:*:macos:*:*\",\"matchCriteriaId\":\"DBFFF1C0-97D1-448F-B61B-9DEA7A0B6F0B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r4.0:*:*:*:macos:*:*\",\"matchCriteriaId\":\"3C0A57F1-4C29-4A2F-A07D-E0F1CAB49AA0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r5.1:*:*:*:macos:*:*\",\"matchCriteriaId\":\"C07FA018-8BA9-4EB6-AED4-71BD041BB17C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r6.0:*:*:*:macos:*:*\",\"matchCriteriaId\":\"70891236-B587-429C-8662-17C89FBC5A15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r7.0:*:*:*:macos:*:*\",\"matchCriteriaId\":\"30A98DE4-A9FB-459B-B9C9-82B39755D202\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r8.0:*:*:*:macos:*:*\",\"matchCriteriaId\":\"71DD19B3-19E8-4370-AE16-2768BF99AD5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r9.0:*:*:*:macos:*:*\",\"matchCriteriaId\":\"F9593E2D-37E8-441A-8DD0-B54D7F7450EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r9.1:*:*:*:macos:*:*\",\"matchCriteriaId\":\"41B3306E-DF2E-4290-9CEF-B390EAEF1613\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1r:3.2:*:*:*:macos:*:*\",\"matchCriteriaId\":\"10EA7C78-01D5-4FD5-BED9-9BE2ED6CFB62\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1r:5.0:*:*:*:macos:*:*\",\"matchCriteriaId\":\"F3630DC6-E573-464E-8998-CAED241C66A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.3:r1:*:*:*:macos:*:*\",\"matchCriteriaId\":\"05F11D9B-5D48-4458-A538-000E514ADB07\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.3:r1.1:*:*:*:macos:*:*\",\"matchCriteriaId\":\"24DEA646-6F9A-4A34-9FC3-2BD4044FE49D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.3:r2:*:*:*:macos:*:*\",\"matchCriteriaId\":\"8D173E98-823F-42B7-8175-5D1530B2C4A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.3:r3:*:*:*:macos:*:*\",\"matchCriteriaId\":\"6E18D76D-36C3-47E4-A510-1E0D14C9FDFE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.3:r4:*:*:*:macos:*:*\",\"matchCriteriaId\":\"477BE870-ED64-4B86-9379-27BEC443FDF9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.3:r4.1:*:*:*:macos:*:*\",\"matchCriteriaId\":\"F6F67A14-544D-4613-A016-C538ABA61051\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.3:r4.2:*:*:*:macos:*:*\",\"matchCriteriaId\":\"42808ADA-F28D-4861-AA02-457D355F5959\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.3:r5:*:*:*:macos:*:*\",\"matchCriteriaId\":\"B8596020-8A36-441F-BC49-97AEF89E2320\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.3:r5.2:*:*:*:macos:*:*\",\"matchCriteriaId\":\"314B227A-A368-40D8-98C2-17C771ABDA08\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.3:r6:*:*:*:macos:*:*\",\"matchCriteriaId\":\"306CC768-4C7A-443E-9193-423B9269CF0C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.3:r7:*:*:*:macos:*:*\",\"matchCriteriaId\":\"3A33BEE3-3BA3-47B8-A71D-F1AAD153E798\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:9.0:r1:*:*:*:macos:*:*\",\"matchCriteriaId\":\"9EF60FD2-060C-456D-A737-E27097C2F021\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:9.0:r2:*:*:*:macos:*:*\",\"matchCriteriaId\":\"01FF161B-A5D0-4F70-922F-D8BABEE1780F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:9.0:r2.1:*:*:*:macos:*:*\",\"matchCriteriaId\":\"D42A0430-607B-49E7-A7F5-2C7AD8F3ED9F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:9.0:r3:*:*:*:macos:*:*\",\"matchCriteriaId\":\"B8CA2E37-99C9-4E86-8808-04C7957CEEF0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:9.0:r3.2:*:*:*:macos:*:*\",\"matchCriteriaId\":\"2208338F-6193-41BA-AA5F-9F8F49576AC0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:9.0:r4:*:*:*:macos:*:*\",\"matchCriteriaId\":\"8200F10B-D6C9-49D9-BEBB-5174A5CF758A\"}]}]}],\"references\":[{\"url\":\"https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43877/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43877/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}



Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…