CVE-2016-4791

The administrative user interface in Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r9, and 7.4 before 7.4r13.4 allows remote administrators to enumerate files, read arbitrary files, and conduct server side request forgery (SSRF) attacks via unspecified vectors.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ivanti:connect_secure:8.1:*:*:*:*:*:*:*
cpe:2.3:a:pulsesecure:pulse_connect_secure:8.1r1.0:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:ivanti:connect_secure:8.2:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:a:ivanti:connect_secure:8.0:*:*:*:*:*:*:*

Configuration 4 (hide)

cpe:2.3:a:pulsesecure:pulse_connect_secure:7.4:*:*:*:*:*:*:*

History

27 Feb 2024, 21:04

Type Values Removed Values Added
First Time Ivanti connect Secure
Ivanti
CPE cpe:2.3:a:pulsesecure:pulse_connect_secure:8.1:*:*:*:*:*:*:*
cpe:2.3:a:pulsesecure:pulse_connect_secure:8.2:*:*:*:*:*:*:*
cpe:2.3:a:pulsesecure:pulse_connect_secure:8.0:*:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:8.2:*:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:8.1:*:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:8.0:*:*:*:*:*:*:*

Information

Published : 2016-05-26 14:59

Updated : 2024-02-28 15:21


NVD link : CVE-2016-4791

Mitre link : CVE-2016-4791

CVE.ORG link : CVE-2016-4791


JSON object : View

Products Affected

pulsesecure

  • pulse_connect_secure

ivanti

  • connect_secure