CVE-2019-11541
HIGHPulse Secure Pulse Connect Secure <9.0R3.4-8.2R12.1 - Info Disclosure
Title source: llmDescription
In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, and 8.2RX before 8.2R12.1, users using SAML authentication with the Reuse Existing NC (Pulse) Session option may see authentication leaks.
References (4)
Core 4
Core References
Vendor Advisory x_refsource_confirm
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101
Vendor Advisory x_refsource_misc
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101/
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/108073
Third Party Advisory, US Government Resource third-party-advisory
x_refsource_cert-vn
https://www.kb.cert.org/vuls/id/927237
Scores
CVSS v3
7.5
EPSS
0.0167
EPSS Percentile
82.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
Status
published
Products (23)
ivanti/connect_secure
8.2
ivanti/connect_secure
8.3
pulsesecure/pulse_connect_secure
8.2r1.0
pulsesecure/pulse_connect_secure
8.2r1.1
pulsesecure/pulse_connect_secure
8.2r2.0
pulsesecure/pulse_connect_secure
8.2r3.0
pulsesecure/pulse_connect_secure
8.2r3.1
pulsesecure/pulse_connect_secure
8.2r4.0
pulsesecure/pulse_connect_secure
8.2r4.1
pulsesecure/pulse_connect_secure
8.2r5.0
... and 13 more
Published
Apr 26, 2019
Tracked Since
Feb 18, 2026