download.cgi in Pulse Secure Pulse Connect Secure 8.1RX before 8.1R13 and 8.3RX before 8.3R4 and Pulse Policy Secure through 5.2RX before 5.2R10 and 5.4RX before 5.4R4 have an Open Redirect Vulnerability.
References
Link | Resource |
---|---|
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43877 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
27 Feb 2024, 21:04
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:pulsesecure:pulse_connect_secure:8.1:*:*:*:*:*:*:* |
cpe:2.3:a:ivanti:connect_secure:8.1:*:*:*:*:*:*:* cpe:2.3:a:ivanti:connect_secure:8.3:*:*:*:*:*:*:* |
First Time |
Ivanti connect Secure
Ivanti |
Information
Published : 2018-09-06 23:29
Updated : 2024-02-28 16:48
NVD link : CVE-2018-14366
Mitre link : CVE-2018-14366
CVE.ORG link : CVE-2018-14366
JSON object : View
Products Affected
pulsesecure
- pulse_connect_secure
- pulse_policy_secure
ivanti
- connect_secure
CWE
CWE-601
URL Redirection to Untrusted Site ('Open Redirect')