HomePentest-Tools.com Logo

Pulse Secure - Local File Inclusion (CVE-2019-11510)

Severity
CVSSv3 Score
10
Vulnerability description

Pulse Secure is affected by a Local File Inclusion vulnerability. The root cause is a functionality in the new "HTML5 Access" feature that uses insufficient path validation, allowing an attacker to bypass authentication and access files. This can allow unauthenticated remote attackers to fetch Microsoft Access Database files from the target systems and extract user credentials, private keys and session cookies from those files.

Risk description

The risk exists that a remote unauthenticated attacker could exploit this vulnerability and extract administrator user credentials, bruteforce the administrator password and then proceed to compromise the system.

Exploit capabilities

Sniper can read arbitrary files from the target system and extract them as evidence.

Recommendation

Upgrade the Pulse Secure server to a version greater than 9.0R3.4.

Codename
Not available
Detectable with
Network Scanner
Exploitable with Sniper
Yes
Vuln date
May 2019
Published at
Updated at
Software Type
VPN gateway
Vendor
Pulse
Product
Connect Secure