CVE-2018-5299

CRITICAL

Pulse Secure PCS <8.3R4-PPS <5.4R4 - Buffer Overflow

Title source: llm
STIX 2.1

Description

A stack-based Buffer Overflow Vulnerability exists in the web server in Pulse Secure Pulse Connect Secure (PCS) before 8.3R4 and Pulse Policy Secure (PPS) before 5.4R4, leading to memory corruption and possibly remote code execution.

References (1)

Core 1
Core References

Scores

CVSS v3 9.8
EPSS 0.0306
EPSS Percentile 86.1%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-787
Status published
Products (2)
pulsesecure/pulse_connect_secure 8.3r1 - 8.3r3
pulsesecure/pulse_policy_secure 5.4r1 - 5.4r3
Published Jan 16, 2018
Tracked Since Feb 18, 2026