CVE-2019-11540
First published: Fri Apr 26 2019(Updated: )
In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4 and 8.3RX before 8.3R7.1 and Pulse Policy Secure version 9.0RX before 9.0R3.2 and 5.4RX before 5.4R7.1, an unauthenticated, remote attacker can conduct a session hijacking attack.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Pulsesecure Pulse Connect Secure | =8.3 | |
| Pulsesecure Pulse Connect Secure | =8.3rx | |
| Pulsesecure Pulse Connect Secure | =9.0r1 | |
| Pulsesecure Pulse Connect Secure | =9.0r2 | |
| Pulsesecure Pulse Connect Secure | =9.0r2.1 | |
| Pulsesecure Pulse Connect Secure | =9.0r3 | |
| Pulsesecure Pulse Connect Secure | =9.0r3.1 | |
| Pulsesecure Pulse Connect Secure | =9.0r3.2 | |
| Pulsesecure Pulse Connect Secure | =9.0rx | |
| Pulsesecure Pulse Policy Secure | =5.4r1 | |
| Pulsesecure Pulse Policy Secure | =5.4r2 | |
| Pulsesecure Pulse Policy Secure | =5.4r2.1 | |
| Pulsesecure Pulse Policy Secure | =5.4r3 | |
| Pulsesecure Pulse Policy Secure | =5.4r4 | |
| Pulsesecure Pulse Policy Secure | =5.4r5 | |
| Pulsesecure Pulse Policy Secure | =5.4r5.2 | |
| Pulsesecure Pulse Policy Secure | =5.4r6 | |
| Pulsesecure Pulse Policy Secure | =5.4r6.1 | |
| Pulsesecure Pulse Policy Secure | =5.4r7 | |
| Pulsesecure Pulse Policy Secure | =5.4rx | |
| Pulsesecure Pulse Policy Secure | =9.0r1 | |
| Pulsesecure Pulse Policy Secure | =9.0r2 | |
| Pulsesecure Pulse Policy Secure | =9.0r2.1 | |
| Pulsesecure Pulse Policy Secure | =9.0r3 | |
| Pulsesecure Pulse Policy Secure | =9.0r3.1 | |
| Pulsesecure Pulse Policy Secure | =9.0rx | |
| Ivanti Connect Secure | =8.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.securityfocus.com/bid/108073
- https://devco.re/blog/2019/09/02/attacking-ssl-vpn-part-3-the-golden-Pulse-Secure-ssl-vpn-rce-chain-with-Twitter-as-case-study/
- https://i.blackhat.com/USA-19/Wednesday/us-19-Tsai-Infiltrating-Corporate-Intranet-Like-NSA.pdf
- https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0010
- https://www.kb.cert.org/vuls/id/927237
Frequently Asked Questions
What is CVE-2019-11540?
CVE-2019-11540 is a vulnerability in Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4 and 8.3RX before 8.3R7.1 and Pulse Policy Secure version 9.0RX before 9.0R3.2 and 5.4RX before 5.4R7.1.
How severe is CVE-2019-11540?
CVE-2019-11540 has a severity level of 9.8 (critical).
What are the affected software versions of CVE-2019-11540?
The affected software versions of CVE-2019-11540 include Pulse Connect Secure 8.3, Pulse Connect Secure 8.3RX, Pulse Connect Secure 9.0r1, Pulse Connect Secure 9.0r2, Pulse Connect Secure 9.0r2.1, Pulse Connect Secure 9.0r3, Pulse Connect Secure 9.0r3.1, Pulse Connect Secure 9.0r3.2, Pulse Connect Secure 9.0rx, Pulse Policy Secure 5.4r1, Pulse Policy Secure 5.4r2, Pulse Policy Secure 5.4r2.1, Pulse Policy Secure 5.4r3, Pulse Policy Secure 5.4r4, Pulse Policy Secure 5.4r5, Pulse Policy Secure 5.4r5.2, Pulse Policy Secure 5.4r6, Pulse Policy Secure 5.4r6.1, Pulse Policy Secure 5.4r7, Pulse Policy Secure 5.4rx, Pulse Policy Secure 9.0r1, Pulse Policy Secure 9.0r2, Pulse Policy Secure 9.0r2.1, Pulse Policy Secure 9.0r3, Pulse Policy Secure 9.0r3.1, Pulse Policy Secure 9.0rx.
How can an attacker exploit CVE-2019-11540?
An unauthenticated, remote attacker can conduct a session hijacking attack using CVE-2019-11540.
Where can I find more information about CVE-2019-11540?
You can find more information about CVE-2019-11540 at the following references: [1] http://www.securityfocus.com/bid/108073 [2] https://devco.re/blog/2019/09/02/attacking-ssl-vpn-part-3-the-golden-Pulse-Secure-ssl-vpn-rce-chain-with-Twitter-as-case-study/ [3] https://i.blackhat.com/USA-19/Wednesday/us-19-Tsai-Infiltrating-Corporate-Intranet-Like-NSA.pdf
- collector/nvd-index
- agent/author
- agent/severity
- agent/references
- agent/type
- agent/description
- agent/event
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/pulsesecure
- canonical/pulsesecure pulse connect secure
- version/pulsesecure pulse connect secure/8.3
- version/pulsesecure pulse connect secure/8.3rx
- version/pulsesecure pulse connect secure/9.0r1
- version/pulsesecure pulse connect secure/9.0r2
- version/pulsesecure pulse connect secure/9.0r2.1
- version/pulsesecure pulse connect secure/9.0r3
- version/pulsesecure pulse connect secure/9.0r3.1
- version/pulsesecure pulse connect secure/9.0r3.2
- version/pulsesecure pulse connect secure/9.0rx
- canonical/pulsesecure pulse policy secure
- version/pulsesecure pulse policy secure/5.4r1
- version/pulsesecure pulse policy secure/5.4r2
- version/pulsesecure pulse policy secure/5.4r2.1
- version/pulsesecure pulse policy secure/5.4r3
- version/pulsesecure pulse policy secure/5.4r4
- version/pulsesecure pulse policy secure/5.4r5
- version/pulsesecure pulse policy secure/5.4r5.2
- version/pulsesecure pulse policy secure/5.4r6
- version/pulsesecure pulse policy secure/5.4r6.1
- version/pulsesecure pulse policy secure/5.4r7
- version/pulsesecure pulse policy secure/5.4rx
- version/pulsesecure pulse policy secure/9.0r1
- version/pulsesecure pulse policy secure/9.0r2
- version/pulsesecure pulse policy secure/9.0r2.1
- version/pulsesecure pulse policy secure/9.0r3
- version/pulsesecure pulse policy secure/9.0r3.1
- version/pulsesecure pulse policy secure/9.0rx
- vendor/ivanti
- canonical/ivanti connect secure
- version/ivanti connect secure/8.3