CVE-2019-11213 (GCVE-0-2019-11213)

Vulnerability from cvelistv5 – Published: 2019-04-12 14:27 – Updated: 2024-08-04 22:48
VLAI?
Summary
In Pulse Secure Pulse Desktop Client and Network Connect, an attacker could access session tokens to replay and spoof sessions, and as a result, gain unauthorized access as an end user, a related issue to CVE-2019-1573. (The endpoint would need to be already compromised for exploitation to succeed.) This affects Pulse Desktop Client 5.x before Secure Desktop 5.3R7 and Pulse Desktop Client 9.x before Secure Desktop 9.0R3. It also affects (for Network Connect customers) Pulse Connect Secure 8.1 before 8.1R14, 8.3 before 8.3R7, and 9.0 before 9.0R3.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:48:09.014Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "VU#192371",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "https://www.kb.cert.org/vuls/id/192371"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44114"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44114/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In Pulse Secure Pulse Desktop Client and Network Connect, an attacker could access session tokens to replay and spoof sessions, and as a result, gain unauthorized access as an end user, a related issue to CVE-2019-1573. (The endpoint would need to be already compromised for exploitation to succeed.) This affects Pulse Desktop Client 5.x before Secure Desktop 5.3R7 and Pulse Desktop Client 9.x before Secure Desktop 9.0R3. It also affects (for Network Connect customers) Pulse Connect Secure 8.1 before 8.1R14, 8.3 before 8.3R7, and 9.0 before 9.0R3."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-04-18T19:06:06",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "VU#192371",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "https://www.kb.cert.org/vuls/id/192371"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44114"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44114/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-11213",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In Pulse Secure Pulse Desktop Client and Network Connect, an attacker could access session tokens to replay and spoof sessions, and as a result, gain unauthorized access as an end user, a related issue to CVE-2019-1573. (The endpoint would need to be already compromised for exploitation to succeed.) This affects Pulse Desktop Client 5.x before Secure Desktop 5.3R7 and Pulse Desktop Client 9.x before Secure Desktop 9.0R3. It also affects (for Network Connect customers) Pulse Connect Secure 8.1 before 8.1R14, 8.3 before 8.3R7, and 9.0 before 9.0R3."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "VU#192371",
              "refsource": "CERT-VN",
              "url": "https://www.kb.cert.org/vuls/id/192371"
            },
            {
              "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44114",
              "refsource": "CONFIRM",
              "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44114"
            },
            {
              "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44114/",
              "refsource": "MISC",
              "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44114/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-11213",
    "datePublished": "2019-04-12T14:27:31",
    "dateReserved": "2019-04-12T00:00:00",
    "dateUpdated": "2024-08-04T22:48:09.014Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"9.0r1\", \"versionEndExcluding\": \"9.0r3\", \"matchCriteriaId\": \"28C2FF1B-EFAD-4DAE-B6A0-F116D3352F73\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_connect_secure:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"8.1r1.0\", \"versionEndIncluding\": \"8.1r14.0\", \"matchCriteriaId\": \"4327BA6A-8DE3-4DFD-99F2-BF1341389963\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_connect_secure:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"8.3r1\", \"versionEndExcluding\": \"8.3r7\", \"matchCriteriaId\": \"A563F427-C781-4FA4-BAE9-B8D9FE345E61\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"5.0r1.0\", \"versionEndExcluding\": \"5.3r7\", \"matchCriteriaId\": \"854EDA08-BE02-4E8D-AE7D-3B6C3B9B3CF0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"9.0r1\", \"versionEndExcluding\": \"9.0r3\", \"matchCriteriaId\": \"265AC18D-20CC-4835-A864-3B14BC00D02C\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"In Pulse Secure Pulse Desktop Client and Network Connect, an attacker could access session tokens to replay and spoof sessions, and as a result, gain unauthorized access as an end user, a related issue to CVE-2019-1573. (The endpoint would need to be already compromised for exploitation to succeed.) This affects Pulse Desktop Client 5.x before Secure Desktop 5.3R7 and Pulse Desktop Client 9.x before Secure Desktop 9.0R3. It also affects (for Network Connect customers) Pulse Connect Secure 8.1 before 8.1R14, 8.3 before 8.3R7, and 9.0 before 9.0R3.\"}, {\"lang\": \"es\", \"value\": \"En Pulse Secure Pulse Desktop Client y Network Connect, un atacante podr\\u00eda acceder a los tokens de sesi\\u00f3n para responder y suplantar sesiones, y , como resultado, obtener acceso no autorizado como usuario final, un problema relacionado con el identificador CVE-2019-1573. (El endpoint tendr\\u00eda que estar ya comprometido para que la explotaci\\u00f3n tenga \\u00e9xito.) Esto afecta a Pulse Desktop Client 5.x anterior a Secure Desktop 5.3R7 y a Pulse Desktop Client 9.x anterior a Secure Desktop 9.0R3. Tambi\\u00e9n afecta (para clientes Network Connect) a Pulse Connect Secure 8.1 anterior a 8.1R14, 8.3 anterior a 8.3R7, y 9.0 anterior a 9.0R3.\"}]",
      "id": "CVE-2019-11213",
      "lastModified": "2024-11-21T04:20:44.373",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.1, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.2, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:P\", \"baseScore\": 6.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2019-04-12T15:29:00.230",
      "references": "[{\"url\": \"https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44114\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44114/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.kb.cert.org/vuls/id/192371\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44114\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44114/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.kb.cert.org/vuls/id/192371\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-384\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2019-11213\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2019-04-12T15:29:00.230\",\"lastModified\":\"2024-11-21T04:20:44.373\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In Pulse Secure Pulse Desktop Client and Network Connect, an attacker could access session tokens to replay and spoof sessions, and as a result, gain unauthorized access as an end user, a related issue to CVE-2019-1573. (The endpoint would need to be already compromised for exploitation to succeed.) This affects Pulse Desktop Client 5.x before Secure Desktop 5.3R7 and Pulse Desktop Client 9.x before Secure Desktop 9.0R3. It also affects (for Network Connect customers) Pulse Connect Secure 8.1 before 8.1R14, 8.3 before 8.3R7, and 9.0 before 9.0R3.\"},{\"lang\":\"es\",\"value\":\"En Pulse Secure Pulse Desktop Client y Network Connect, un atacante podr\u00eda acceder a los tokens de sesi\u00f3n para responder y suplantar sesiones, y , como resultado, obtener acceso no autorizado como usuario final, un problema relacionado con el identificador CVE-2019-1573. (El endpoint tendr\u00eda que estar ya comprometido para que la explotaci\u00f3n tenga \u00e9xito.) Esto afecta a Pulse Desktop Client 5.x anterior a Secure Desktop 5.3R7 y a Pulse Desktop Client 9.x anterior a Secure Desktop 9.0R3. Tambi\u00e9n afecta (para clientes Network Connect) a Pulse Connect Secure 8.1 anterior a 8.1R14, 8.3 anterior a 8.3R7, y 9.0 anterior a 9.0R3.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-384\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.0r1\",\"versionEndExcluding\":\"9.0r3\",\"matchCriteriaId\":\"28C2FF1B-EFAD-4DAE-B6A0-F116D3352F73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_connect_secure:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.1r1.0\",\"versionEndIncluding\":\"8.1r14.0\",\"matchCriteriaId\":\"4327BA6A-8DE3-4DFD-99F2-BF1341389963\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_connect_secure:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.3r1\",\"versionEndExcluding\":\"8.3r7\",\"matchCriteriaId\":\"A563F427-C781-4FA4-BAE9-B8D9FE345E61\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.0r1.0\",\"versionEndExcluding\":\"5.3r7\",\"matchCriteriaId\":\"854EDA08-BE02-4E8D-AE7D-3B6C3B9B3CF0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.0r1\",\"versionEndExcluding\":\"9.0r3\",\"matchCriteriaId\":\"265AC18D-20CC-4835-A864-3B14BC00D02C\"}]}]}],\"references\":[{\"url\":\"https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44114\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44114/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.kb.cert.org/vuls/id/192371\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44114\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44114/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.kb.cert.org/vuls/id/192371\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.