Description

An arbitrary file reading vulnerability exists on Pulse Secure SSL VPN. An attacker can craft a request that accesses potentially sensitive information in the Pulse's filesystem.

Remediation

Upgrade Pulse Secure

References

Multiple vulnerabilities resolved in Pulse Connect Secure / Pulse Policy Secure 9.0RX

Infiltrating Corporate Intranet Like NSA

Related Vulnerabilities

WordPress Plugin Fusion Engage Local File Disclosure (1.0.5)

WordPress Plugin WP Post Popup Directory Traversal (2.0)

WordPress Plugin DukaPress Directory Traversal (2.5.2)

Adobe ColdFusion directory traversal

WordPress Plugin Import and export users and customers Directory Traversal (1.14.2)

Severity

High

Classification

CVE-2019-11510 CWE-22 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

Tags

Directory Traversal