NVD - CVE-2019-11510 (original) (raw)
CVE CISA KEV Update by Cybersecurity and Infrastructure Security Agency (CISA) U.S. Civilian Government 12/17/2025 9:00:02 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Changed | Due Date | 2021-04-23 | 2022-05-03 |
Modified Analysis by NIST 11/06/2025 11:51:32 AM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Added | Reference Type | CISA-ADP: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field\_cve=CVE-2019-11510 Types: US Government Resource |
CVE Modified by CISA-ADP 10/21/2025 8:16:33 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Added | Reference | https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field\_cve=CVE-2019-11510 |
CVE Modified by CISA-ADP 10/21/2025 4:17:24 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Removed | Reference | https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field\_cve=CVE-2019-11510 |
CVE Modified by CISA-ADP 10/21/2025 3:17:44 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Added | Reference | https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field\_cve=CVE-2019-11510 |
Modified Analysis by NIST 4/03/2025 3:42:38 PM
| Action | Type | Old Value | New Value |
|---|
CVE Modified by CISA-ADP 2/03/2025 12:15:11 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Added | CWE | CWE-22 |
CVE Modified by CVE 11/20/2024 11:21:14 PM
Modified Analysis by NIST 7/25/2024 12:20:01 PM
CVE Modified by MITRE 5/14/2024 1:36:55 AM
| Action | Type | Old Value | New Value |
|---|
CPE Deprecation Remap by NIST 2/27/2024 4:04:17 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Changed | CPE Configuration | OR *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.2:r1.0:*:*:*:*:*:* | OR *cpe:2.3:a:ivanti:connect_secure:8.2:r1.0:*:*:*:*:*:* |
CPE Deprecation Remap by NIST 2/27/2024 4:04:17 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Changed | CPE Configuration | OR *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.2:r1.1:*:*:*:*:*:* | OR *cpe:2.3:a:ivanti:connect_secure:8.2:r1.1:*:*:*:*:*:* |
CPE Deprecation Remap by NIST 2/27/2024 4:04:17 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Changed | CPE Configuration | OR *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.2:r2.0:*:*:*:*:*:* | OR *cpe:2.3:a:ivanti:connect_secure:8.2:r2.0:*:*:*:*:*:* |
CPE Deprecation Remap by NIST 2/27/2024 4:04:17 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Changed | CPE Configuration | OR *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.2:r3.0:*:*:*:*:*:* | OR *cpe:2.3:a:ivanti:connect_secure:8.2:r3.0:*:*:*:*:*:* |
CPE Deprecation Remap by NIST 2/27/2024 4:04:17 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Changed | CPE Configuration | OR *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.2:r3.1:*:*:*:*:*:* | OR *cpe:2.3:a:ivanti:connect_secure:8.2:r3.1:*:*:*:*:*:* |
CPE Deprecation Remap by NIST 2/27/2024 4:04:17 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Changed | CPE Configuration | OR *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.2:r4.0:*:*:*:*:*:* | OR *cpe:2.3:a:ivanti:connect_secure:8.2:r4.0:*:*:*:*:*:* |
CPE Deprecation Remap by NIST 2/27/2024 4:04:17 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Changed | CPE Configuration | OR *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.2:r4.1:*:*:*:*:*:* | OR *cpe:2.3:a:ivanti:connect_secure:8.2:r4.1:*:*:*:*:*:* |
CPE Deprecation Remap by NIST 2/27/2024 4:04:17 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Changed | CPE Configuration | OR *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.2:r5.0:*:*:*:*:*:* | OR *cpe:2.3:a:ivanti:connect_secure:8.2:r5.0:*:*:*:*:*:* |
CPE Deprecation Remap by NIST 2/27/2024 4:04:17 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Changed | CPE Configuration | OR *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.2:r5.1:*:*:*:*:*:* | OR *cpe:2.3:a:ivanti:connect_secure:8.2:r5.1:*:*:*:*:*:* |
CPE Deprecation Remap by NIST 2/27/2024 4:04:17 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Changed | CPE Configuration | OR *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.2:r6.0:*:*:*:*:*:* | OR *cpe:2.3:a:ivanti:connect_secure:8.2:r6.0:*:*:*:*:*:* |
CPE Deprecation Remap by NIST 2/27/2024 4:04:17 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Changed | CPE Configuration | OR *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.2:r7.0:*:*:*:*:*:* | OR *cpe:2.3:a:ivanti:connect_secure:8.2:r7.0:*:*:*:*:*:* |
CPE Deprecation Remap by NIST 2/27/2024 4:04:17 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Changed | CPE Configuration | OR *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.2:r7.1:*:*:*:*:*:* | OR *cpe:2.3:a:ivanti:connect_secure:8.2:r7.1:*:*:*:*:*:* |
CPE Deprecation Remap by NIST 2/27/2024 4:04:17 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Changed | CPE Configuration | OR *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.2:r8.0:*:*:*:*:*:* | OR *cpe:2.3:a:ivanti:connect_secure:8.2:r8.0:*:*:*:*:*:* |
CPE Deprecation Remap by NIST 2/27/2024 4:04:17 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Changed | CPE Configuration | OR *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.2:r8.1:*:*:*:*:*:* | OR *cpe:2.3:a:ivanti:connect_secure:8.2:r8.1:*:*:*:*:*:* |
CPE Deprecation Remap by NIST 2/27/2024 4:04:17 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Changed | CPE Configuration | OR *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.2:r8.2:*:*:*:*:*:* | OR *cpe:2.3:a:ivanti:connect_secure:8.2:r8.2:*:*:*:*:*:* |
CPE Deprecation Remap by NIST 2/27/2024 4:04:17 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Changed | CPE Configuration | OR *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.2:r9.0:*:*:*:*:*:* | OR *cpe:2.3:a:ivanti:connect_secure:8.2:r9.0:*:*:*:*:*:* |
CPE Deprecation Remap by NIST 2/27/2024 4:04:17 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Changed | CPE Configuration | OR *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.2:r10.0:*:*:*:*:*:* | OR *cpe:2.3:a:ivanti:connect_secure:8.2:r10.0:*:*:*:*:*:* |
CPE Deprecation Remap by NIST 2/27/2024 4:04:17 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Changed | CPE Configuration | OR *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.2:r11.0:*:*:*:*:*:* | OR *cpe:2.3:a:ivanti:connect_secure:8.2:r11.0:*:*:*:*:*:* |
CPE Deprecation Remap by NIST 2/27/2024 4:04:17 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Changed | CPE Configuration | OR *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.2:r12.0:*:*:*:*:*:* | OR *cpe:2.3:a:ivanti:connect_secure:8.2:r12.0:*:*:*:*:*:* |
CPE Deprecation Remap by NIST 2/27/2024 4:04:17 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Changed | CPE Configuration | OR *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.3:r1:*:*:*:*:*:* | OR *cpe:2.3:a:ivanti:connect_secure:8.3:r1:*:*:*:*:*:* |
CPE Deprecation Remap by NIST 2/27/2024 4:04:17 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Changed | CPE Configuration | OR *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.3:r2:*:*:*:*:*:* | OR *cpe:2.3:a:ivanti:connect_secure:8.3:r2:*:*:*:*:*:* |
CPE Deprecation Remap by NIST 2/27/2024 4:04:17 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Changed | CPE Configuration | OR *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.3:r2.1:*:*:*:*:*:* | OR *cpe:2.3:a:ivanti:connect_secure:8.3:r2.1:*:*:*:*:*:* |
CPE Deprecation Remap by NIST 2/27/2024 4:04:17 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Changed | CPE Configuration | OR *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.3:r3:*:*:*:*:*:* | OR *cpe:2.3:a:ivanti:connect_secure:8.3:r3:*:*:*:*:*:* |
CPE Deprecation Remap by NIST 2/27/2024 4:04:17 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Changed | CPE Configuration | OR *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.3:r4:*:*:*:*:*:* | OR *cpe:2.3:a:ivanti:connect_secure:8.3:r4:*:*:*:*:*:* |
CPE Deprecation Remap by NIST 2/27/2024 4:04:17 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Changed | CPE Configuration | OR *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.3:r5:*:*:*:*:*:* | OR *cpe:2.3:a:ivanti:connect_secure:8.3:r5:*:*:*:*:*:* |
CPE Deprecation Remap by NIST 2/27/2024 4:04:17 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Changed | CPE Configuration | OR *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.3:r5.1:*:*:*:*:*:* | OR *cpe:2.3:a:ivanti:connect_secure:8.3:r5.1:*:*:*:*:*:* |
CPE Deprecation Remap by NIST 2/27/2024 4:04:17 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Changed | CPE Configuration | OR *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.3:r5.2:*:*:*:*:*:* | OR *cpe:2.3:a:ivanti:connect_secure:8.3:r5.2:*:*:*:*:*:* |
CPE Deprecation Remap by NIST 2/27/2024 4:04:17 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Changed | CPE Configuration | OR *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.3:r6:*:*:*:*:*:* | OR *cpe:2.3:a:ivanti:connect_secure:8.3:r6:*:*:*:*:*:* |
CPE Deprecation Remap by NIST 2/27/2024 4:04:17 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Changed | CPE Configuration | OR *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.3:r6.1:*:*:*:*:*:* | OR *cpe:2.3:a:ivanti:connect_secure:8.3:r6.1:*:*:*:*:*:* |
CPE Deprecation Remap by NIST 2/27/2024 4:04:17 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Changed | CPE Configuration | OR *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.3:r7:*:*:*:*:*:* | OR *cpe:2.3:a:ivanti:connect_secure:8.3:r7:*:*:*:*:*:* |
CPE Deprecation Remap by NIST 1/13/2024 1:36:49 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Changed | CPE Configuration | OR *cpe:2.3:a:pulsesecure:pulse_connect_secure:9.0:r1:*:*:*:*:*:* | OR *cpe:2.3:a:ivanti:connect_secure:9.0:r1:*:*:*:*:*:* |
CPE Deprecation Remap by NIST 1/13/2024 1:36:49 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Changed | CPE Configuration | OR *cpe:2.3:a:pulsesecure:pulse_connect_secure:9.0:r2:*:*:*:*:*:* | OR *cpe:2.3:a:ivanti:connect_secure:9.0:r2:*:*:*:*:*:* |
CPE Deprecation Remap by NIST 1/13/2024 1:36:49 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Changed | CPE Configuration | OR *cpe:2.3:a:pulsesecure:pulse_connect_secure:9.0:r2.1:*:*:*:*:*:* | OR *cpe:2.3:a:ivanti:connect_secure:9.0:r2.1:*:*:*:*:*:* |
CPE Deprecation Remap by NIST 1/13/2024 1:36:49 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Changed | CPE Configuration | OR *cpe:2.3:a:pulsesecure:pulse_connect_secure:9.0:r3:*:*:*:*:*:* | OR *cpe:2.3:a:ivanti:connect_secure:9.0:r3:*:*:*:*:*:* |
CPE Deprecation Remap by NIST 1/13/2024 1:36:49 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Changed | CPE Configuration | OR *cpe:2.3:a:pulsesecure:pulse_connect_secure:9.0:r3.1:*:*:*:*:*:* | OR *cpe:2.3:a:ivanti:connect_secure:9.0:r3.1:*:*:*:*:*:* |
CPE Deprecation Remap by NIST 1/13/2024 1:36:49 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Changed | CPE Configuration | OR *cpe:2.3:a:pulsesecure:pulse_connect_secure:9.0:r3.2:*:*:*:*:*:* | OR *cpe:2.3:a:ivanti:connect_secure:9.0:r3.2:*:*:*:*:*:* |
CPE Deprecation Remap by NIST 1/13/2024 1:36:49 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Changed | CPE Configuration | OR *cpe:2.3:a:pulsesecure:pulse_connect_secure:9.0:r3.3:*:*:*:*:*:* | OR *cpe:2.3:a:ivanti:connect_secure:9.0:r3.3:*:*:*:*:*:* |
CVE Modified by MITRE 11/06/2023 10:03:02 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Added | Reference | MITRE https://lists.apache.org/thread.html/ff5fa1837b6bd1b24d18a42faa75e165a4573dbe2d434910c15fd08a%40%3Cuser.guacamole.apache.org%3E [No types assigned] | |
| Removed | Reference | MITRE https://lists.apache.org/thread.html/ff5fa1837b6bd1b24d18a42faa75e165a4573dbe2d434910c15fd08a@%3Cuser.guacamole.apache.org%3E |
Modified Analysis by NIST 3/24/2023 1:36:07 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Changed | Reference Type | http://www.securityfocus.com/bid/108073 Third Party Advisory, VDB Entry | http://www.securityfocus.com/bid/108073 Broken Link, Third Party Advisory, VDB Entry |
| Changed | Reference Type | https://www.kb.cert.org/vuls/id/927237 No Types Assigned | https://www.kb.cert.org/vuls/id/927237 Third Party Advisory, US Government Resource |
CWE Remap by NIST 8/24/2020 1:37:01 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Changed | CWE | CWE-275 | CWE-22 |
CVE Modified by MITRE 10/16/2019 2:15:23 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Added | Reference | https://www.kb.cert.org/vuls/id/927237 [No Types Assigned] |
CVE Modified by MITRE 10/09/2019 7:45:26 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Added | CVSS V3 | MITRE AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H |
Reanalysis by NIST 9/24/2019 3:34:25 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Changed | CPE Configuration | Record truncated, showing 2048 of 8064 characters. View Entire Change Record OR *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:*:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r1.0:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r1.1:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r10.0:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r11.0:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r12.0:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r13.0:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r14.0:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r15.0:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r16.0:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r17.0:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r18.0:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r19.0:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r19.1:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r2.0:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r20.0:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r20.1:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r20.2:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r21.0:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r22.0:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r22.1:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r22.2:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r22.3:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r22.4:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r3.0:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r4.0:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r4.1:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r5.0:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r6.0:*:*:*:*:*: | Record truncated, showing 2048 of 2575 characters. View Entire Change Record OR *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.2:r1.0:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.2:r1.1:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.2:r10.0:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.2:r11.0:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.2:r12.0:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.2:r2.0:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.2:r3.0:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.2:r3.1:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.2:r4.0:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.2:r4.1:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.2:r5.0:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.2:r5.1:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.2:r6.0:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.2:r7.0:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.2:r7.1:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.2:r8.0:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.2:r8.1:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.2:r8.2:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.2:r9.0:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.3:r1:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.3:r2:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.3:r2.1:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.3:r3:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.3:r4:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.3:r5:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.3:r5.1:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.3:r5.2:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.3:r6:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:8.3:r6.1:*:*:*:*:*:* *cpe:2.3:a:pulsesec |
Modified Analysis by NIST 9/20/2019 8:22:05 AM
CVE Modified by MITRE 9/12/2019 2:15:11 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Added | Reference | https://lists.apache.org/thread.html/ff5fa1837b6bd1b24d18a42faa75e165a4573dbe2d434910c15fd08a@%3Cuser.guacamole.apache.org%3E [No Types Assigned] |
CVE Modified by MITRE 9/06/2019 6:15:11 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Added | Reference | https://devco.re/blog/2019/09/02/attacking-ssl-vpn-part-3-the-golden-Pulse-Secure-ssl-vpn-rce-chain-with-Twitter-as-case-study/ [No Types Assigned] |
CVE Modified by MITRE 9/06/2019 5:15:11 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Added | Reference | https://i.blackhat.com/USA-19/Wednesday/us-19-Tsai-Infiltrating-Corporate-Intranet-Like-NSA.pdf [No Types Assigned] |
CVE Modified by MITRE 8/27/2019 11:15:11 AM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Added | Reference | http://packetstormsecurity.com/files/154231/Pulse-Secure-SSL-VPN-File-Disclosure-NSE.html [No Types Assigned] |
CVE Modified by MITRE 8/26/2019 10:15:10 AM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Added | Reference | https://badpackets.net/over-14500-pulse-secure-vpn-endpoints-vulnerable-to-cve-2019-11510/ [No Types Assigned] |
CVE Modified by MITRE 8/21/2019 7:15:11 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Added | Reference | http://packetstormsecurity.com/files/154176/Pulse-Secure-SSL-VPN-8.1R15.1-8.2-8.3-9.0-Arbitrary-File-Disclosure.html [No Types Assigned] |
CVE Modified by MITRE 8/09/2019 7:15:17 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Added | Reference | https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0010 [No Types Assigned] |
CVE Modified by MITRE 5/10/2019 3:29:06 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Changed | Description | In Pulse Secure Pulse Connect Secure (PCS) before 8.1R15.1, 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an authenticated attacker can upload a malicious file to write to arbitrary files, because of Insecure Permissions. | In Pulse Secure Pulse Connect Secure (PCS) before 8.1R15.1, 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an unauthenticated remote attacker can send a specially crafted URI to perform an arbitrary file reading vulnerability . |
| Added | Reference | http://www.securityfocus.com/bid/108073 [No Types Assigned] |
Initial Analysis by NIST 5/09/2019 1:24:34 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Added | CVSS V3 | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | |
| Added | CVSS V2 | (AV:N/AC:L/Au:S/C:P/I:P/A:P) | |
| Added | CWE | CWE-275 | |
| Added | CPE Configuration | Record truncated, showing 2048 of 8064 characters. View Entire Change Record OR *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:*:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r1.0:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r1.1:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r10.0:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r11.0:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r12.0:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r13.0:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r14.0:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r15.0:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r16.0:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r17.0:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r18.0:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r19.0:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r19.1:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r2.0:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r20.0:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r20.1:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r20.2:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r21.0:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r22.0:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r22.1:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r22.2:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r22.3:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r22.4:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r3.0:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r4.0:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r4.1:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r5.0:*:*:*:*:*:* *cpe:2.3:a:pulsesecure:pulse_connect_secure:7.1:r6.0:*:*:*:*:*: | |
| Changed | Reference Type | https://kb.pulsesecure.net/?atype=sa No Types Assigned | https://kb.pulsesecure.net/?atype=sa Vendor Advisory |
| Changed | Reference Type | https://kb.pulsesecure.net/articles/Pulse\_Security\_Advisories/SA44101/ No Types Assigned | https://kb.pulsesecure.net/articles/Pulse\_Security\_Advisories/SA44101/ Patch, Vendor Advisory |