Vulnerability — CVE-2019-11542

CVE-2019-11542

Reference to the description:: https://nvd.nist.gov/vuln/detail/CVE-2019-11542
Description:: In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.2RX before 8.2R12.1, and 8.1RX before 8.1R15.1 and Pulse Policy Secure version 9.0RX before 9.0R3.2, 5.4RX before 5.4R7.1, 5.3RX before 5.3R12.1, 5.2RX before 5.2R12.1, and 5.1RX before 5.1R15.1, an authenticated attacker (via the admin web interface) can send a specially crafted message resulting in a stack buffer overflow.
Last updated date:: 02/27/2024

Type:: exploit
Confidence:: HIGH
Date of publishing:: 03/24/2023
Reference url to background: https://devco.re/blog/2019/09/02/attacking-ssl-vpn-part-3-the-golden-Pulse-Secure-ssl-vpn-rce-chain-with-Twitter-as-case-study/

Type:: exploit
Confidence:: HIGH
Date of publishing:: 03/24/2023
Reference url to background: https://i.blackhat.com/USA-19/Wednesday/us-19-Tsai-Infiltrating-Corporate-Intranet-Like-NSA.pdf