CVE-2019-11538
First published: Fri Apr 26 2019(Updated: )
In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.2RX before 8.2R12.1, and 8.1RX before 8.1R15.1, an NFS problem could allow an authenticated attacker to access the contents of arbitrary files on the affected device.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ivanti Connect Secure (ICS) VPN | =8.1-r1.0 | |
| Ivanti Connect Secure (ICS) VPN | =8.1-r1.1 | |
| Ivanti Connect Secure (ICS) VPN | =8.1-r10.0 | |
| Ivanti Connect Secure (ICS) VPN | =8.1-r11.0 | |
| Ivanti Connect Secure (ICS) VPN | =8.1-r11.1 | |
| Ivanti Connect Secure (ICS) VPN | =8.1-r12.0 | |
| Ivanti Connect Secure (ICS) VPN | =8.1-r12.1 | |
| Ivanti Connect Secure (ICS) VPN | =8.1-r13.0 | |
| Ivanti Connect Secure (ICS) VPN | =8.1-r14.0 | |
| Ivanti Connect Secure (ICS) VPN | =8.1-r2.0 | |
| Ivanti Connect Secure (ICS) VPN | =8.1-r2.1 | |
| Ivanti Connect Secure (ICS) VPN | =8.1-r3.0 | |
| Ivanti Connect Secure (ICS) VPN | =8.1-r3.1 | |
| Ivanti Connect Secure (ICS) VPN | =8.1-r3.2 | |
| Ivanti Connect Secure (ICS) VPN | =8.1-r4.0 | |
| Ivanti Connect Secure (ICS) VPN | =8.1-r4.1 | |
| Ivanti Connect Secure (ICS) VPN | =8.1-r5.0 | |
| Ivanti Connect Secure (ICS) VPN | =8.1-r6.0 | |
| Ivanti Connect Secure (ICS) VPN | =8.1-r7.0 | |
| Ivanti Connect Secure (ICS) VPN | =8.1-r8.0 | |
| Ivanti Connect Secure (ICS) VPN | =8.1-r9.0 | |
| Ivanti Connect Secure (ICS) VPN | =8.1-r9.1 | |
| Ivanti Connect Secure (ICS) VPN | =8.1-r9.2 | |
| Ivanti Connect Secure (ICS) VPN | =8.2-r1.0 | |
| Ivanti Connect Secure (ICS) VPN | =8.2-r1.1 | |
| Ivanti Connect Secure (ICS) VPN | =8.2-r10.0 | |
| Ivanti Connect Secure (ICS) VPN | =8.2-r11.0 | |
| Ivanti Connect Secure (ICS) VPN | =8.2-r12.0 | |
| Ivanti Connect Secure (ICS) VPN | =8.2-r2.0 | |
| Ivanti Connect Secure (ICS) VPN | =8.2-r3.0 | |
| Ivanti Connect Secure (ICS) VPN | =8.2-r3.1 | |
| Ivanti Connect Secure (ICS) VPN | =8.2-r4.0 | |
| Ivanti Connect Secure (ICS) VPN | =8.2-r4.1 | |
| Ivanti Connect Secure (ICS) VPN | =8.2-r5.0 | |
| Ivanti Connect Secure (ICS) VPN | =8.2-r5.1 | |
| Ivanti Connect Secure (ICS) VPN | =8.2-r6.0 | |
| Ivanti Connect Secure (ICS) VPN | =8.2-r7.0 | |
| Ivanti Connect Secure (ICS) VPN | =8.2-r7.1 | |
| Ivanti Connect Secure (ICS) VPN | =8.2-r7.2 | |
| Ivanti Connect Secure (ICS) VPN | =8.2-r8.0 | |
| Ivanti Connect Secure (ICS) VPN | =8.2-r8.1 | |
| Ivanti Connect Secure (ICS) VPN | =8.2-r8.2 | |
| Ivanti Connect Secure (ICS) VPN | =8.2-r9.0 | |
| Ivanti Connect Secure (ICS) VPN | =8.3-r1 | |
| Ivanti Connect Secure (ICS) VPN | =8.3-r2 | |
| Ivanti Connect Secure (ICS) VPN | =8.3-r2.1 | |
| Ivanti Connect Secure (ICS) VPN | =8.3-r3 | |
| Ivanti Connect Secure (ICS) VPN | =8.3-r4 | |
| Ivanti Connect Secure (ICS) VPN | =8.3-r5 | |
| Ivanti Connect Secure (ICS) VPN | =8.3-r5.1 | |
| Ivanti Connect Secure (ICS) VPN | =8.3-r5.2 | |
| Ivanti Connect Secure (ICS) VPN | =8.3-r6 | |
| Ivanti Connect Secure (ICS) VPN | =8.3-r6.1 | |
| Ivanti Connect Secure (ICS) VPN | =9.0-r1 | |
| Ivanti Connect Secure (ICS) VPN | =9.0-r2 | |
| Ivanti Connect Secure (ICS) VPN | =9.0-r2.1 | |
| Ivanti Connect Secure (ICS) VPN | =9.0-r3 | |
| Ivanti Connect Secure (ICS) VPN | =9.0-r3.1 | |
| Ivanti Connect Secure (ICS) VPN | =9.0-r3.2 | |
| Pulse Secure Pulse Connect Secure | =8.1-r1.0 | |
| Pulse Secure Pulse Connect Secure | =8.1-r1.1 | |
| Pulse Secure Pulse Connect Secure | =8.1-r10.0 | |
| Pulse Secure Pulse Connect Secure | =8.1-r11.0 | |
| Pulse Secure Pulse Connect Secure | =8.1-r11.1 | |
| Pulse Secure Pulse Connect Secure | =8.1-r12.0 | |
| Pulse Secure Pulse Connect Secure | =8.1-r12.1 | |
| Pulse Secure Pulse Connect Secure | =8.1-r13.0 | |
| Pulse Secure Pulse Connect Secure | =8.1-r14.0 | |
| Pulse Secure Pulse Connect Secure | =8.1-r2.0 | |
| Pulse Secure Pulse Connect Secure | =8.1-r2.1 | |
| Pulse Secure Pulse Connect Secure | =8.1-r3.0 | |
| Pulse Secure Pulse Connect Secure | =8.1-r3.1 | |
| Pulse Secure Pulse Connect Secure | =8.1-r3.2 | |
| Pulse Secure Pulse Connect Secure | =8.1-r4.0 | |
| Pulse Secure Pulse Connect Secure | =8.1-r4.1 | |
| Pulse Secure Pulse Connect Secure | =8.1-r5.0 | |
| Pulse Secure Pulse Connect Secure | =8.1-r6.0 | |
| Pulse Secure Pulse Connect Secure | =8.1-r7.0 | |
| Pulse Secure Pulse Connect Secure | =8.1-r8.0 | |
| Pulse Secure Pulse Connect Secure | =8.1-r9.0 | |
| Pulse Secure Pulse Connect Secure | =8.1-r9.1 | |
| Pulse Secure Pulse Connect Secure | =8.1-r9.2 | |
| Pulse Secure Pulse Connect Secure | =8.2-r1.0 | |
| Pulse Secure Pulse Connect Secure | =8.2-r1.1 | |
| Pulse Secure Pulse Connect Secure | =8.2-r10.0 | |
| Pulse Secure Pulse Connect Secure | =8.2-r11.0 | |
| Pulse Secure Pulse Connect Secure | =8.2-r12.0 | |
| Pulse Secure Pulse Connect Secure | =8.2-r2.0 | |
| Pulse Secure Pulse Connect Secure | =8.2-r3.0 | |
| Pulse Secure Pulse Connect Secure | =8.2-r3.1 | |
| Pulse Secure Pulse Connect Secure | =8.2-r4.0 | |
| Pulse Secure Pulse Connect Secure | =8.2-r4.1 | |
| Pulse Secure Pulse Connect Secure | =8.2-r5.0 | |
| Pulse Secure Pulse Connect Secure | =8.2-r5.1 | |
| Pulse Secure Pulse Connect Secure | =8.2-r6.0 | |
| Pulse Secure Pulse Connect Secure | =8.2-r7.0 | |
| Pulse Secure Pulse Connect Secure | =8.2-r7.1 | |
| Pulse Secure Pulse Connect Secure | =8.2-r7.2 | |
| Pulse Secure Pulse Connect Secure | =8.2-r8.0 | |
| Pulse Secure Pulse Connect Secure | =8.2-r8.1 | |
| Pulse Secure Pulse Connect Secure | =8.2-r8.2 | |
| Pulse Secure Pulse Connect Secure | =8.2-r9.0 | |
| Pulse Secure Pulse Connect Secure | =8.3-r1 | |
| Pulse Secure Pulse Connect Secure | =8.3-r2 | |
| Pulse Secure Pulse Connect Secure | =8.3-r2.1 | |
| Pulse Secure Pulse Connect Secure | =8.3-r3 | |
| Pulse Secure Pulse Connect Secure | =8.3-r4 | |
| Pulse Secure Pulse Connect Secure | =8.3-r5 | |
| Pulse Secure Pulse Connect Secure | =8.3-r5.1 | |
| Pulse Secure Pulse Connect Secure | =8.3-r5.2 | |
| Pulse Secure Pulse Connect Secure | =8.3-r6 | |
| Pulse Secure Pulse Connect Secure | =8.3-r6.1 | |
| Pulse Secure Pulse Connect Secure | =9.0-r1 | |
| Pulse Secure Pulse Connect Secure | =9.0-r2 | |
| Pulse Secure Pulse Connect Secure | =9.0-r2.1 | |
| Pulse Secure Pulse Connect Secure | =9.0-r3 | |
| Pulse Secure Pulse Connect Secure | =9.0-r3.1 | |
| Pulse Secure Pulse Connect Secure | =9.0-r3.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.securityfocus.com/bid/108073
- https://devco.re/blog/2019/09/02/attacking-ssl-vpn-part-3-the-golden-Pulse-Secure-ssl-vpn-rce-chain-with-Twitter-as-case-study/
- https://i.blackhat.com/USA-19/Wednesday/us-19-Tsai-Infiltrating-Corporate-Intranet-Like-NSA.pdf
- https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0010
- https://www.kb.cert.org/vuls/id/927237
Frequently Asked Questions
What is the severity of CVE-2019-11538?
CVE-2019-11538 is considered a high-severity vulnerability due to its potential to allow authenticated attackers to access sensitive files.
How do I fix CVE-2019-11538?
To remediate CVE-2019-11538, upgrade to Pulse Secure Pulse Connect Secure version 9.0R3.4, 8.3R7.1, 8.2R12.1, or 8.1R15.1 or later.
Which versions of Pulse Secure are affected by CVE-2019-11538?
CVE-2019-11538 affects versions 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.2RX before 8.2R12.1, and 8.1RX before 8.1R15.1.
What is the impact of CVE-2019-11538 on security?
The impact of CVE-2019-11538 includes potential unauthorized access to the contents of arbitrary files, posing a significant risk to data security.
Who is vulnerable to CVE-2019-11538?
Organizations using the affected versions of Pulse Secure Pulse Connect Secure are vulnerable to CVE-2019-11538.
- agent/references
- agent/type
- agent/weakness
- agent/description
- agent/severity
- agent/first-publish-date
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/author
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- vendor/ivanti
- canonical/ivanti connect secure (ics) vpn
- version/ivanti connect secure (ics) vpn/8.1-r1.0
- version/ivanti connect secure (ics) vpn/8.1-r1.1
- version/ivanti connect secure (ics) vpn/8.1-r10.0
- version/ivanti connect secure (ics) vpn/8.1-r11.0
- version/ivanti connect secure (ics) vpn/8.1-r11.1
- version/ivanti connect secure (ics) vpn/8.1-r12.0
- version/ivanti connect secure (ics) vpn/8.1-r12.1
- version/ivanti connect secure (ics) vpn/8.1-r13.0
- version/ivanti connect secure (ics) vpn/8.1-r14.0
- version/ivanti connect secure (ics) vpn/8.1-r2.0
- version/ivanti connect secure (ics) vpn/8.1-r2.1
- version/ivanti connect secure (ics) vpn/8.1-r3.0
- version/ivanti connect secure (ics) vpn/8.1-r3.1
- version/ivanti connect secure (ics) vpn/8.1-r3.2
- version/ivanti connect secure (ics) vpn/8.1-r4.0
- version/ivanti connect secure (ics) vpn/8.1-r4.1
- version/ivanti connect secure (ics) vpn/8.1-r5.0
- version/ivanti connect secure (ics) vpn/8.1-r6.0
- version/ivanti connect secure (ics) vpn/8.1-r7.0
- version/ivanti connect secure (ics) vpn/8.1-r8.0
- version/ivanti connect secure (ics) vpn/8.1-r9.0
- version/ivanti connect secure (ics) vpn/8.1-r9.1
- version/ivanti connect secure (ics) vpn/8.1-r9.2
- version/ivanti connect secure (ics) vpn/8.2-r1.0
- version/ivanti connect secure (ics) vpn/8.2-r1.1
- version/ivanti connect secure (ics) vpn/8.2-r10.0
- version/ivanti connect secure (ics) vpn/8.2-r11.0
- version/ivanti connect secure (ics) vpn/8.2-r12.0
- version/ivanti connect secure (ics) vpn/8.2-r2.0
- version/ivanti connect secure (ics) vpn/8.2-r3.0
- version/ivanti connect secure (ics) vpn/8.2-r3.1
- version/ivanti connect secure (ics) vpn/8.2-r4.0
- version/ivanti connect secure (ics) vpn/8.2-r4.1
- version/ivanti connect secure (ics) vpn/8.2-r5.0
- version/ivanti connect secure (ics) vpn/8.2-r5.1
- version/ivanti connect secure (ics) vpn/8.2-r6.0
- version/ivanti connect secure (ics) vpn/8.2-r7.0
- version/ivanti connect secure (ics) vpn/8.2-r7.1
- version/ivanti connect secure (ics) vpn/8.2-r7.2
- version/ivanti connect secure (ics) vpn/8.2-r8.0
- version/ivanti connect secure (ics) vpn/8.2-r8.1
- version/ivanti connect secure (ics) vpn/8.2-r8.2
- version/ivanti connect secure (ics) vpn/8.2-r9.0
- version/ivanti connect secure (ics) vpn/8.3-r1
- version/ivanti connect secure (ics) vpn/8.3-r2
- version/ivanti connect secure (ics) vpn/8.3-r2.1
- version/ivanti connect secure (ics) vpn/8.3-r3
- version/ivanti connect secure (ics) vpn/8.3-r4
- version/ivanti connect secure (ics) vpn/8.3-r5
- version/ivanti connect secure (ics) vpn/8.3-r5.1
- version/ivanti connect secure (ics) vpn/8.3-r5.2
- version/ivanti connect secure (ics) vpn/8.3-r6
- version/ivanti connect secure (ics) vpn/8.3-r6.1
- version/ivanti connect secure (ics) vpn/9.0-r1
- version/ivanti connect secure (ics) vpn/9.0-r2
- version/ivanti connect secure (ics) vpn/9.0-r2.1
- version/ivanti connect secure (ics) vpn/9.0-r3
- version/ivanti connect secure (ics) vpn/9.0-r3.1
- version/ivanti connect secure (ics) vpn/9.0-r3.2
- vendor/pulsesecure
- canonical/pulse secure pulse connect secure
- version/pulse secure pulse connect secure/8.1-r1.0
- version/pulse secure pulse connect secure/8.1-r1.1
- version/pulse secure pulse connect secure/8.1-r10.0
- version/pulse secure pulse connect secure/8.1-r11.0
- version/pulse secure pulse connect secure/8.1-r11.1
- version/pulse secure pulse connect secure/8.1-r12.0
- version/pulse secure pulse connect secure/8.1-r12.1
- version/pulse secure pulse connect secure/8.1-r13.0
- version/pulse secure pulse connect secure/8.1-r14.0
- version/pulse secure pulse connect secure/8.1-r2.0
- version/pulse secure pulse connect secure/8.1-r2.1
- version/pulse secure pulse connect secure/8.1-r3.0
- version/pulse secure pulse connect secure/8.1-r3.1
- version/pulse secure pulse connect secure/8.1-r3.2
- version/pulse secure pulse connect secure/8.1-r4.0
- version/pulse secure pulse connect secure/8.1-r4.1
- version/pulse secure pulse connect secure/8.1-r5.0
- version/pulse secure pulse connect secure/8.1-r6.0
- version/pulse secure pulse connect secure/8.1-r7.0
- version/pulse secure pulse connect secure/8.1-r8.0
- version/pulse secure pulse connect secure/8.1-r9.0
- version/pulse secure pulse connect secure/8.1-r9.1
- version/pulse secure pulse connect secure/8.1-r9.2
- version/pulse secure pulse connect secure/8.2-r1.0
- version/pulse secure pulse connect secure/8.2-r1.1
- version/pulse secure pulse connect secure/8.2-r10.0
- version/pulse secure pulse connect secure/8.2-r11.0
- version/pulse secure pulse connect secure/8.2-r12.0
- version/pulse secure pulse connect secure/8.2-r2.0
- version/pulse secure pulse connect secure/8.2-r3.0
- version/pulse secure pulse connect secure/8.2-r3.1
- version/pulse secure pulse connect secure/8.2-r4.0
- version/pulse secure pulse connect secure/8.2-r4.1
- version/pulse secure pulse connect secure/8.2-r5.0
- version/pulse secure pulse connect secure/8.2-r5.1
- version/pulse secure pulse connect secure/8.2-r6.0
- version/pulse secure pulse connect secure/8.2-r7.0
- version/pulse secure pulse connect secure/8.2-r7.1
- version/pulse secure pulse connect secure/8.2-r7.2
- version/pulse secure pulse connect secure/8.2-r8.0
- version/pulse secure pulse connect secure/8.2-r8.1
- version/pulse secure pulse connect secure/8.2-r8.2
- version/pulse secure pulse connect secure/8.2-r9.0
- version/pulse secure pulse connect secure/8.3-r1
- version/pulse secure pulse connect secure/8.3-r2
- version/pulse secure pulse connect secure/8.3-r2.1
- version/pulse secure pulse connect secure/8.3-r3
- version/pulse secure pulse connect secure/8.3-r4
- version/pulse secure pulse connect secure/8.3-r5
- version/pulse secure pulse connect secure/8.3-r5.1
- version/pulse secure pulse connect secure/8.3-r5.2
- version/pulse secure pulse connect secure/8.3-r6
- version/pulse secure pulse connect secure/8.3-r6.1
- version/pulse secure pulse connect secure/9.0-r1
- version/pulse secure pulse connect secure/9.0-r2
- version/pulse secure pulse connect secure/9.0-r2.1
- version/pulse secure pulse connect secure/9.0-r3
- version/pulse secure pulse connect secure/9.0-r3.1
- version/pulse secure pulse connect secure/9.0-r3.2