Pulse Connect Secure 8.3R1 has CSRF in diag.cgi. In the panel, the diag.cgi file is responsible for running commands such as ping, ping6, traceroute, traceroute6, nslookup, arp, and Portprobe. These functions do not have any protections against CSRF. That can allow an attacker to run these commands against any IP if they can get an admin to visit their malicious CSRF page.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/99621 | |
http://www.sxcurity.pro/Multiple%20XSS%20and%20CSRF%20in%20Pulse%20Connect%20Secure%20v8.3R1.pdf | Third Party Advisory |
https://twitter.com/sxcurity/status/884556905145937921 | Third Party Advisory |
http://www.securityfocus.com/bid/99621 | |
http://www.sxcurity.pro/Multiple%20XSS%20and%20CSRF%20in%20Pulse%20Connect%20Secure%20v8.3R1.pdf | Third Party Advisory |
https://twitter.com/sxcurity/status/884556905145937921 | Third Party Advisory |
Configurations
History
21 Nov 2024, 03:07
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.securityfocus.com/bid/99621 - | |
References | () http://www.sxcurity.pro/Multiple%20XSS%20and%20CSRF%20in%20Pulse%20Connect%20Secure%20v8.3R1.pdf - Third Party Advisory | |
References | () https://twitter.com/sxcurity/status/884556905145937921 - Third Party Advisory |
Information
Published : 2017-07-12 20:29
Updated : 2024-11-21 03:07
NVD link : CVE-2017-11193
Mitre link : CVE-2017-11193
CVE.ORG link : CVE-2017-11193
JSON object : View
Products Affected
pulsesecure
- pulse_connect_secure
CWE
CWE-352
Cross-Site Request Forgery (CSRF)