Vulnerability — CVE-2019-11508

CVE-2019-11508

Reference to the description:: https://nvd.nist.gov/vuln/detail/CVE-2019-11508
Description:: In Pulse Secure Pulse Connect Secure (PCS) before 8.1R15.1, 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an authenticated attacker (via the admin web interface) can exploit Directory Traversal to execute arbitrary code on the appliance.
Last updated date:: 02/27/2024

Type:: exploit
Confidence:: HIGH
Date of publishing:: 03/24/2023
Reference url to background: https://devco.re/blog/2019/09/02/attacking-ssl-vpn-part-3-the-golden-Pulse-Secure-ssl-vpn-rce-chain-with-Twitter-as-case-study/

Type:: exploit
Confidence:: HIGH
Date of publishing:: 03/24/2023
Reference url to background: https://i.blackhat.com/USA-19/Wednesday/us-19-Tsai-Infiltrating-Corporate-Intranet-Like-NSA.pdf